Avatar
Marks 2y ago

People are connecting to personal or small relays over ws://. That means it’s a non-secure websocket connection. Generally it’s not a good idea to do non-secure connections. Are things different here with nostr? Things are signed locally, so private key isn’t exposed. Are there other security concerns?

Asking because a red flag goes up in my mind when i see protocols that don’t have the secure “s” on them. #security #nostrdev #nostrdevchat

Reply to this note

Please Login to reply.

Discussion

Avatar
Adam Ritter | rbr.bio 2y ago

If you want to do something, talk to people and look at how to implement wss instead of ws in their solutions. Just as an example I know that wss is better than ws, but when I'm writing a server, setting wss up is not my main concern, and I just hope that somebody helps me in it.

I wrote this as an example: https://github.com/adamritter/nostr-relay-info-server

Avatar
Adam Ritter | rbr.bio 2y ago

Btw thanks for using #nostrdev , we need to use hash tags more I guess