Subnostr

🌶️ take: clientside NIP05 verification should only be done for users I don't follow. If I already follow a pubkey, I trust it more than the DNS registrar or webserver they are using for NIP05.

Why do I need to constantly doxx my IP to some webserver everytime a user I already follow and trust appears on my feed?

The same way many clients are already using image proxies to protect users' privacy, more could be done with respect to NIP05 verification.

And no, NIP05 is not a reliable method of key revocation/rotation.

Reply to this note

Please Login to reply.

Discussion

Blake 2y ago

Less frequent for sure, however unless you check occasionally they could change it - so you’d be holding stale cache.

The point around a pubkey being more trusted than DNS is valid. As long as people aren’t spoofed when they initially follow someone.

sommerfeld 2y ago

Maybe it could re-check went you manually visit their profile, it's definitely more sane than checking it all the time.

Blake 2y ago

That would make sense to me.