it will be very easy to build tools that can be given a moderately long expiring token from one tool and used to activate another tool, mainly for read access but if the device can handle using a standard JWT secret key and sign stuff it can create data that is certified to that identity
it does occur to me that this is something like a revocable scheme for nostr identities that allows you to publish that a key has been updated and/or breached for security reasons
i suspect that even though i like the schnorr stuff that i will probably end up using the JWT cryptography for the alternative HTTP/plaintext data format for nostr events using the ES256 (P256, aka secp256r1) just as a fuck you to the edwards curve nutters - and the odd thing is that these signatures as i have been using them with JWT, produce a 64 byte consistent length, and the public key is also 32 bytes long, in its primary form (the encodings are all crazy shit, but i can ignore that)
making a form of nostr that actually uses standart http JWT crypto would open up the gates to all kinds of apps using the event/subscription model of nostr without needing the retarded bespoke, and mostly ... retarded... protocol design that is based on sockets, sockets are only useful for subscriptions, otherwise it would be a LOT easier to get these low-skill web devs to build nostr clients
that's really my goal here too, to open this wide and make it into something as simple and integrated with HTTP W3C standards that they will just allow it and people will really start to make use of it
the sockets and the cryptography and the badly designed protocol make it of limited interest to normal devs
mleku
npub1fj…mleku
2025-03-11 13:36:31
in reply to nevent1q…ve3h
Author Public Key
npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmlekuPublished at
2025-03-11 13:36:31Event JSON
{
"id": "8cda76524e1acf8d6ca3f8d5456169129c4b1a68aeb5d570c1b469ecb195484b",
"pubkey": "4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"created_at": 1741700191,
"kind": 1,
"tags": [
[
"e",
"eac8b22034e0a74d060a5494f3f26bfdcaca8a0403a4a97ceb32288f53d918fc",
"wss://mleku.realy.lol/",
"root"
],
[
"e",
"a46cd96dfc3abb35a9c6733ab65139079ec088b85b5e89f42fc8191e28e69660",
"wss://mleku.realy.lol/"
],
[
"e",
"3f45043f0a4286b52e63a1344a9a49981e54dc913b4b77371a67b9ee48d151a5",
"wss://relay.damus.io/",
"reply"
],
[
"p",
"7cc328a08ddb2afdf9f9be77beff4c83489ff979721827d628a542f32a247c0e"
],
[
"p",
"52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd"
],
[
"p",
"e2ccf7cf20403f3f2a4a55b328f0de3be38558a7d5f33632fdaaefc726c1c8eb"
],
[
"p",
"fd208ee8c8f283780a9552896e4823cc9dc6bfd442063889577106940fd927c1"
],
[
"p",
"a9434ee165ed01b286becfc2771ef1705d3537d051b387288898cc00d5c885be"
],
[
"client",
"jumble"
]
],
"content": "it will be very easy to build tools that can be given a moderately long expiring token from one tool and used to activate another tool, mainly for read access but if the device can handle using a standard JWT secret key and sign stuff it can create data that is certified to that identity\n\nit does occur to me that this is something like a revocable scheme for nostr identities that allows you to publish that a key has been updated and/or breached for security reasons\n\ni suspect that even though i like the schnorr stuff that i will probably end up using the JWT cryptography for the alternative HTTP/plaintext data format for nostr events using the ES256 (P256, aka secp256r1) just as a fuck you to the edwards curve nutters - and the odd thing is that these signatures as i have been using them with JWT, produce a 64 byte consistent length, and the public key is also 32 bytes long, in its primary form (the encodings are all crazy shit, but i can ignore that)\n\nmaking a form of nostr that actually uses standart http JWT crypto would open up the gates to all kinds of apps using the event/subscription model of nostr without needing the retarded bespoke, and mostly ... retarded... protocol design that is based on sockets, sockets are only useful for subscriptions, otherwise it would be a LOT easier to get these low-skill web devs to build nostr clients\n\nthat's really my goal here too, to open this wide and make it into something as simple and integrated with HTTP W3C standards that they will just allow it and people will really start to make use of it\n\nthe sockets and the cryptography and the badly designed protocol make it of limited interest to normal devs",
"sig": "89982d02aa894e89475d47c0af6e6dcb211af4c80ac6c79091eacfaad11cbfb7451a605cca1ceb07150f1b0eaffcddd0dd5d6d4d4997b994706c722b63e8637b"
}