A non-starter for certain companies, I should say. I've worked with bigger brands for ...

joeruelle / Joe Ruelle

npub1hyx…tqnx

2025-03-15 15:59:56

in reply to nevent1q…0u70

A non-starter for certain companies, I should say. I've worked with bigger brands for years, and for many in that category it's just not tenable to have the brand (or one of the many portfolio brands) present anywhere online in an official capacity if that presence rests on a single private key that has been "seen" and that is super-glued to important aspects of the past and the future.

This is due to the "You can never un-see an nsec problem", for lack of a better descriptor. If a CTO—or even a CEO—retains knowledge of that nsec post departure from the company then this just doesn't work, to say nothing of staff members further down the IT ladder (departments under departments under departments). And the higher up the ladder the less chance the person could be asked to take part in the nsec security chain (i.e. nobody would dare to ask).

Which means that either nobody at such a brand ever sees the nsec (it's generated and held cold by a trusted third party under contract, and the brand teams are only ever issued bunkers from shards as per the contract terms) or there has to be another solution.

This is not just your Pepsi's or your Toyota's either. My take is that brands don't have to get much bigger or less plugged-in than say Alby for this to be a deal-breaking concern.

Author Public Key

npub1hyxredcavc6ruqgsf4wf4hmakpwnvefmzaspl7dja6a2sxlx0q3sxwtqnx

Seen on

wss://relay.primal.net wss://relay.primal.net

Show more details

Published at

2025-03-15 15:59:56

Kind type

1 Short Text Note

Event JSON

{ "id": "551895f45e36a00ebfa037cd310437f1ead1ddfd7d2878a8942d71a2a27b61cc", "pubkey": "b90c3cb71d66343e01104d5c9adf7db05d36653b17601ff9b2eebaa81be67823", "created_at": 1742054396, "kind": 1, "tags": [ [ "e", "8b39687351e0ed44c9425dba03fff1bfe089a904dee2f2aee9835ea9e4c28483", "ws://192.168.18.7:7777", "root" ], [ "e", "462d3a3f750c77449dcf082034f98b5d617ebd69ce2994b0db06d78d8270c421", "ws://192.168.18.7:7777", "reply" ], [ "p", "b90c3cb71d66343e01104d5c9adf7db05d36653b17601ff9b2eebaa81be67823", "wss://relay.nostr.band/", "JoeRuelle" ], [ "p", "97c70a44366a6535c145b333f973ea86dfdc2d7a99da618c40c64705ad98e322" ] ], "content": "A non-starter for certain companies, I should say. I've worked with bigger brands for years, and for many in that category it's just not tenable to have the brand (or one of the many portfolio brands) present anywhere online in an official capacity if that presence rests on a single private key that has been \"seen\" and that is super-glued to important aspects of the past and the future. \n\nThis is due to the \"You can never un-see an nsec problem\", for lack of a better descriptor. If a CTO—or even a CEO—retains knowledge of that nsec post departure from the company then this just doesn't work, to say nothing of staff members further down the IT ladder (departments under departments under departments). And the higher up the ladder the less chance the person could be asked to take part in the nsec security chain (i.e. nobody would dare to ask).\n\nWhich means that either nobody at such a brand ever sees the nsec (it's generated and held cold by a trusted third party under contract, and the brand teams are only ever issued bunkers from shards as per the contract terms) or there has to be another solution.\n\nThis is not just your Pepsi's or your Toyota's either. My take is that brands don't have to get much bigger or less plugged-in than say Alby for this to be a deal-breaking concern.\n", "sig": "19270894d23ac9ae4d65cd7d5d497563994ee599fd481cda1a2797c3a061047648eee2838eae274f902fd2ffb1c63b51df3315f81722d5576e49d8c79a97063b" }