nips icon indicating copy to clipboard operation
nips copied to clipboard

Published 20 hours ago verified publisher icon nostr-protocol

Linked cryptographic identities

Open franzaps opened this issue 10 months ago • 7 comments

Rendered

franzaps avatar Apr 17 '24 02:04 franzaps

Nice! Is it necessary to index the <type>:<fingerprint>? Do we expect people to query by it?

vitorpamplona avatar Apr 17 '24 12:04 vitorpamplona

@vitorpamplona Thanks and yes, absolutely. This way coming across any PGP key or certificate in the wild one can check if that identity is also on nostr.

In my particular case for zap.store, it's one of the ways to link APKs with developers on nostr.

@fiatjaf this is my second attempt after failure with NIP-39, what do you think?

franzaps avatar Apr 17 '24 14:04 franzaps

Looks good. Seems like this could also link other nostr pubkeys, I could use this now.

Is it necessary to index the <type>:<fingerprint>

Necessary for my use case as well.

dskvr avatar Apr 17 '24 22:04 dskvr

@Semisol if you confirm it will get merged I can make a PR to NIP-39

franzaps avatar May 16 '24 21:05 franzaps

@staab @fiatjaf @vitorpamplona This one is good to merge. I'm happy to create a PR on NIP-39 if I get a confirmation that it will actually get merged.

franzaps avatar May 17 '24 22:05 franzaps

It seems like this does the same thing as NIP 39? I like the dedicated event as an addition, but I would add it as an addition to NIP 39, unless I'm misunderstanding its purpose. Is this implemented anywhere?

staab avatar May 18 '24 04:05 staab

It seems like this does the same thing as NIP 39? I like the dedicated event as an addition, but I would add it as an addition to NIP 39, unless I'm misunderstanding its purpose. Is this implemented anywhere?

It used to be in NIP-39, but was flawed, and semisol silently removed it instead of asking for a fix. This is a new proposal. I'm fine with either kind 10069 or kind 0. I can create a PR to NIP-39 but I first wanted to make sure it will be merged.

Yes it's being implemented! Developers on zap.store will start using this very soon. I started producing these events but only on relay.zap.store.

franzaps avatar May 18 '24 11:05 franzaps

I'd love to see a standardised way to claim an OpenPGP identity in Nostr, but I have a few thoughts:

  • I think it would make more sense to add these identities to NIP-39 instead of adding another message type; I don't understand the benefit to there being a new message type which almost duplicates NIP-39's functionality.

  • I think the verbiage of the English-language message to be signed is unnecessarily verbose. It would probably make sense for the sake of consistency to use the same proof string used by NIP-39: Verifying that I control the following Nostr public key: "<npub encoded public key>"

  • I think it would probably make sense to use the prefix openpgp4fpr, which is a standard. Note that PGP and GPG are the names of software, the encryption standard they implement is called OpenPGP.

caesar avatar Jun 28 '24 19:06 caesar

@caesar Yes this will be added to NIP-39. I don't mind updating the spec to what you suggest.

franzaps avatar Jun 28 '24 19:06 franzaps

Closing in favor of https://github.com/nostr-protocol/nips/pull/1335

franzaps avatar Jun 28 '24 20:06 franzaps