mleku on Nostr: this is effectively OAUTH on a system that already has authentication using elliptic ...

this is effectively OAUTH on a system that already has authentication using elliptic curves.

another brick in the wall of centralisation of nostr.

i doubt that it's going to get support from anyone not wanting to silo their userbase.

quoting
nevent1q…95q4

on the second flight I finished writing the implementation (and modifications to NIP-46) to make the following possible:

1. Alice goes to App A (e.g. Coracle) -- she clicks "create account" and gets a NIP-05 "alice@somesite.com". She uses Coracle as she normally would.

2. Alice goes to App B (e.g. Primal) -- she clicks "login" and types in "alice@somesite.com". A popup comes up and asks Alice if she wants to authorize this application to access her account. In an advanced setting She can scope down what the application can do (e.g. only create short notes but don't change the profile data)

At no point is there any mention of nsec, npub, keys, NIP-07, nsecbunker. Nothing. It just works.

cc Karnage and 248 others (npub1r0r…q9ac) miljan (npub16c0…6nvr) rabble (npub1wmr…g240)