Thread - Nostr Hypermedia

cloud fodder cloudfodder@rogue.earth 1 year ago

Right, I'm saying nip05 is the only real external validation nostr has. For this to work youd need either the open timestamp attestation stuff on profile updates and/or the web of trust to keep track of nip05 domain changes. If the domain changes you loose the trust score. Something like that.. I know it's prob not setup for this right now. For me, I use a nip05 that I manage personally, this may not work as well for nip05 provider services that login with npub, hehe. It's kinda like keybase or a pgp key server.. some external source of, "hey this is me now" outside of nostr.

↑ Parent

Replies (2)

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ me@mleku.dev 1 year ago

shouldn't the nip-05 only be relevant to the npub shown in the kind 0 that contains the URL spec where to look for the nip-05? anything else on that domain that doesn't have that npub is surely irrelevant if there isn't a corresponding event signed by the same npub?

1 replies ↓

cloud fodder cloudfodder@rogue.earth 1 year ago

Right, so the flow would be, you get your key compromised, you post some kind of "hey this key is compromised and here's the new one", and the new key's profile has the same nip05 address but with the new pubkey.

1 replies ↓