Avatar
Tim Bouma 1y ago

Another thing that #nostr does is that it decouples the concept of a ‘certificate’.

Shortly after the invention of asymmetric cryptography, the ‘certificate’ was invented which was basically a signed public key with some metadata. This gave rise to that very powerful industry, PKI, where they made you believe that you needed them as an ‘issuer’ to be trusted.

Well, #nostr breaks that all apart, because the ‘certificate’ become part of the network, where every event (especially kind 0), becomes its certificate. If you need to graft of extra trust you can do so with nip05, and other yet to be specified trust schemes where an event (certificate) can be countersigned by another party or cross-validated against another source.

So in a nutshell, what does #nostr do? It breaks apart our current notion of a certificate and makes it part of the network as relayed events that are signed and uncensorable.

Reply to this note

Please Login to reply.

Discussion

33
unknown 1y ago

Everyone still uses wss though

Avatar
Tim Bouma 1y ago

How could we remove this dependency?

33
unknown 1y ago

Make relays support self-signed certs or come up with something new

Avatar
Max 1y ago

Signed metadata is powerful

Avatar
Tim Bouma 1y ago

Thx. I notice your nip05 is not verified with Amethyst. I had a similar problem and after a couple of days of troubleshooting I discovered that I had a trailing slash after nostr.json/ and nginx treated it as a redirect so nip05 failed. Hopefully you can fix.