This is the idea behind NIP-39, isn't it? Except that 39 is unfortunately specific; naming service-specific schemes in a NIP is restrictive (how do I verify self-hosted gitlab? Sourcehut? Whatever replaces github?), and also oddly enshrines & sanctifies a small set of services. If NIP-39 were abstracted, and ideally store attestations in notes as you suggest, it would be less tightly coupled.
I was thinking about this issue from a different direction: an attestation mechanism for use in authorization -- kerberos-in-nostr. It'd be a combination of NIP-03, NIP-40, and possibly NIP-06. Keyoxide covers a lot of use cases, so there's overlap. Both assert an (ownership) relationship between two accounts, but one additionally has an attestation from one of the service owners.
SER /
npub1zd…66tfk
2023-04-25 13:52:16
in reply to nevent1q…x9pk
Author Public Key
npub1zdyyy6j6krdsfuhza3j5wtsguvnqkhaw557j7gm44gtw3fydncsqy66tfkSeen on
wss://nproxy.kristapsk.lvPublished at
2023-04-25 13:52:16Event JSON
{
"id": "9b0a49e9430688c45d68ebc6a08ca250c8c61c9fbf41faca7155f0ad817b51d2",
"pubkey": "1348426a5ab0db04f2e2ec65472e08e3260b5faea53d2f2375aa16e8a48d9e20",
"created_at": 1682430736,
"kind": 1,
"tags": [
[
"p",
"32e1827635450ebb3c5a7d12c1f8e7b2b514439ac10a67eef3d9fd9c5c68e245"
],
[
"e",
"7848951d828559ba40c10a0351913db5bf2be2cef63e64413c2c0222dbdb3754",
"wss://nos.lol/",
"root"
]
],
"content": "This is the idea behind NIP-39, isn't it? Except that 39 is unfortunately specific; naming service-specific schemes in a NIP is restrictive (how do I verify self-hosted gitlab? Sourcehut? Whatever replaces github?), and also oddly enshrines \u0026 sanctifies a small set of services. If NIP-39 were abstracted, and ideally store attestations in notes as you suggest, it would be less tightly coupled.\n\nI was thinking about this issue from a different direction: an attestation mechanism for use in authorization -- kerberos-in-nostr. It'd be a combination of NIP-03, NIP-40, and possibly NIP-06. Keyoxide covers a lot of use cases, so there's overlap. Both assert an (ownership) relationship between two accounts, but one additionally has an attestation from one of the service owners.",
"sig": "ac97840093d7bf758bdcabf6cdfc682e3f85f527be6704f185320cea98fb575b48b664a122ea21e413957f84b695d20fa36a44e1e5625d4c621bbb8884bf4017"
}