joeruelle on Nostr: A non-starter for certain companies, I should say. I've worked with bigger brands for ...
A non-starter for certain companies, I should say. I've worked with bigger brands for years, and for many in that category it's just not tenable to have the brand (or one of the many portfolio brands) present anywhere online in an official capacity if that presence rests on a single private key that has been "seen" and that is super-glued to important aspects of the past and the future.
This is due to the "You can never un-see an nsec problem", for lack of a better descriptor. If a CTO—or even a CEO—retains knowledge of that nsec post departure from the company then this just doesn't work, to say nothing of staff members further down the IT ladder (departments under departments under departments). And the higher up the ladder the less chance the person could be asked to take part in the nsec security chain (i.e. nobody would dare to ask).
Which means that either nobody at such a brand ever sees the nsec (it's generated and held cold by a trusted third party under contract, and the brand teams are only ever issued bunkers from shards as per the contract terms) or there has to be another solution.
This is not just your Pepsi's or your Toyota's either. My take is that brands don't have to get much bigger or less plugged-in than say Alby for this to be a deal-breaking concern.
This is due to the "You can never un-see an nsec problem", for lack of a better descriptor. If a CTO—or even a CEO—retains knowledge of that nsec post departure from the company then this just doesn't work, to say nothing of staff members further down the IT ladder (departments under departments under departments). And the higher up the ladder the less chance the person could be asked to take part in the nsec security chain (i.e. nobody would dare to ask).
Which means that either nobody at such a brand ever sees the nsec (it's generated and held cold by a trusted third party under contract, and the brand teams are only ever issued bunkers from shards as per the contract terms) or there has to be another solution.
This is not just your Pepsi's or your Toyota's either. My take is that brands don't have to get much bigger or less plugged-in than say Alby for this to be a deal-breaking concern.