Figured I’d share this since I saw it.
The nostr relay thing does seem a bit… off to me. Not sure what really makes nostr better than here… Unless what we really want is a twitter experiance. Which I, of course, do not.
Figured I’d share this since I saw it.
The nostr relay thing does seem a bit… off to me. Not sure what really makes nostr better than here… Unless what we really want is a twitter experiance. Which I, of course, do not.
Well, the idea that I can create my own pleroma instance, create an identity, and then go check out noagenda or whoever else’s mastondon’s and the like.
Even peertube iirc. Possibly diaspora?
At that point, blocking me or the instance is the same thing since I’d be the only one on the instance. However, these instances are a bit of pain to setup for the average person, especially if the only point is to create an idenity since that thousands of other people are willing to do it for you.
But yea, that’s why I want to like nostr, mehbe someday a different client will work out for me, but with the way this stuff work out…It’s usually not what Iwant.
I keep seeing this an as argument for the fediverse. But it really is not and i’ll tell you why.
If everyone who used the fediverse hosted their own instance they would indeed have decentralized identities.
But they don’t.
So in your example, yes you can create your instance and your identity will be separate from noagenda social. But what happens when noagenda social bans you?
Every single user on no agenda social is banned from seeing you.
This is fair. And i’m not married to nostr. I believe though in a year or two we should have a pretty solid solution. It’s an ok mastodon and twitter alternative for now. Uses a lot of data though.
Yep, you’ve convinced me to give it another chance. I really should try out other clients, but android is what I usually use for reading, entertainment, etc… I have plenty of other computers though, I have no excuse.
I wonder if there is a way to change a private key. Say, mine gets compromised, without creating a new account.
No private keys are sacred in nostr. Just like Bitcoin. You lose it you have to tell all your followers to re follow the new public key .
I was thinking like how with gpg you can sign a subkey, use that, if it is comprimised you can send something out saying that the key is compromise and painlessly switch over to a new subkey since the master is only used to confirm subkeys.
Like Keyserver notes that this pubkey is bad, in this case nodes, the keyserver also notes that there is a valid new pubkey and transfers it over.
I don’t really understand that. Sounds like there needs to be some kinda central authority for that to work. I would have to read more about it. The guy who made nostr is really good with crypto stuff though. Someone said he was a core bitcoin developer.
As I recall back when I did gpg encrypted email.
You can create a master key. You use this master key to sign other keys.
Keep that master key super safe.
The subkey is what you use in general practice.
You upload your public keys to keyservers, which I believe is what happens with nostr nodes.
Your master key can revoke the subkeys at any time. This revocation is sent to keyservers and the public key is marked as invalid so other people don’t trust it.
You then make a new subkey signed by your master key to prove it is still you, but with a new key, and upload that public key.
Now that’s the key people use to encrypt data for you, as opposed to the old revoked one.
Now, I’m not sure exactly how it works either with the keyservers or nostr, but it seems like it should be doable. Have an air gaped master key that is only used to sign the keys you use day to day, and it’s that master key’s signature that is the verification of your identity.
Bonus points to this system, I can have five different nostr apps each create their own key. I could later verify all those keys with my master key to prove each of these different keys belong to the same identity. With that verification, if implemented of course, the noster nodes could link all the pub keys signed by the same master key to help people follow an identity across different types of content.
I know I’m somewhat confusing different points I was trying to make, but it should all be possible.
Ok so the masterkey and the key server are the central authority. You can implement the same thing in nostr. For example, someone could just manage your key for you. And you interact through a normal username and password. I’m sure those kinda service will come about.
Well, you do all this on the client side. It’s just that the nodes would manage your pubkeys. (Which the might already do?)
If your key gets hijacked by someone, it’s nice to be able to push a revocation certificate, if nothing else.