cloud fodder on Nostr: I applaud this effort. I am curious if you will also do something with certificate ...
I applaud this effort. I am curious if you will also do something with certificate issuance, nostr will need to become a 'certificate authority' as well. Or use ws:// and http:// instead of wss:// and https://
It is theoretically possible to have certificates for an IP address signed by a certificate authority but let's encrypt doesn't support it.
The other option I suppose is have clients able to accept and store the certificate for that IP one time only.
The problem with ws:// is that it's easy to man-in-the-middle, so even though nostr uses sigs it still needs encryption on the connection. Eg. on TOR or vpn you gonna get manipulated pretty hard without encryption.
Published at
2024-06-26 18:45:41Event JSON
{
"id": "8ecc118e1a1e29bc5388492cd35307fb99609af9dcb857b4b867520d22818076",
"pubkey": "7cc328a08ddb2afdf9f9be77beff4c83489ff979721827d628a542f32a247c0e",
"created_at": 1719420341,
"kind": 1,
"tags": [
[
"e",
"c6b7376dc1a4786a1a232b6f25df08405f8eb55d5dbde3de22247fa81d9150f9",
"",
"root"
],
[
"e",
"ab842ff5741ec631fa719852c0dd77ce9a627172aceea9b1e1596f1845128bad",
"",
"reply"
],
[
"p",
"460c25e682fda7832b52d1f22d3d22b3176d972f60dcdc3212ed8c92ef85065c"
],
[
"p",
"00000000827ffaa94bfea288c3dfce4422c794fbb96625b6b31e9049f729d700"
]
],
"content": "I applaud this effort. I am curious if you will also do something with certificate issuance, nostr will need to become a 'certificate authority' as well. Or use ws:// and http:// instead of wss:// and https://\n\nIt is theoretically possible to have certificates for an IP address signed by a certificate authority but let's encrypt doesn't support it.\n\nThe other option I suppose is have clients able to accept and store the certificate for that IP one time only.\n\nThe problem with ws:// is that it's easy to man-in-the-middle, so even though nostr uses sigs it still needs encryption on the connection. Eg. on TOR or vpn you gonna get manipulated pretty hard without encryption.",
"sig": "ece5d34508f562a0258e0d7d82ebb0b72407e0db6f84d28195adcde105e067be7587126515010deb2a901a683ad7b0cbc440eafb874872532dc65763cd75b838"
}
