What is Nostr?
VzxPLnHqr /
npub10yn…495k
2024-10-24 20:37:18

What if every nostr identity is, or easily and optionally could be, its own root certificate authority (CA)?

Say your master nostr identity is `nsec_master` with pubkey `npub_master`. For an event signature to be considered valid, the event must either:

1. be directly signed by `nsec_master` (as is done currently)
2. or carry a small chain of signature/message pairs (certificates) terminating with a valid signature produced by `nsec_master`.

Since everyone runs their own CA, the length of the signature chain should be quite short, but even so it still would make the total event size larger (only for events that use this). But the usability improvements and features might be worth it.

Certificates need not be long-lived. For example, your CA could issue a 30-day cert to a fresh npub generated by your phone. If you lose your phone a lot, maybe a 1-day or 1-hour cert would be better for you. Now your phone can happily post and sign nostr events on behalf of your root nostr identity. Then, when you lose your phone, at least the cert will expire and you have not compromised your `nsec_master`. In the interim you could publish a revocation event.

As with everything in nostr, it would be up to clients to verify events.
Author Public Key
npub10ynmcm393ynjn2wq9gfn93qf56djshs58wwcghz5lkwpl6pfuf0qw5495k
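
A sketch of the client-side check the note describes, added here as an example and not part of the original note or of any Nostr specification. Assumptions: the certificate and event layouts (`issuer`, `subject`, `expires`, `signer`, `certs`), the `revoked` set standing for revocation events a client has already collected, the `seenAt` time at which the client first received the event, and Ed25519 from Node's `crypto` module standing in for Nostr's BIP-340 Schnorr signatures.

```javascript
// Added example: Ed25519 (Node crypto) stands in for Nostr's BIP-340 Schnorr signatures.
const nodeCrypto = require('node:crypto');

const newKey = () => {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  return { priv: privateKey, pub: publicKey.export({ type: 'spki', format: 'der' }).toString('hex') };
};
const sign = (priv, msg) => nodeCrypto.sign(null, Buffer.from(msg), priv).toString('hex');
const verify = (pubHex, msg, sigHex) => {
  try {
    const key = nodeCrypto.createPublicKey({ key: Buffer.from(pubHex, 'hex'), format: 'der', type: 'spki' });
    return nodeCrypto.verify(null, Buffer.from(msg), key, Buffer.from(sigHex, 'hex'));
  } catch { return false; } // malformed key or signature
};

// Hypothetical certificate layout: issuer vouches for subject until `expires` (unix seconds).
const certMsg = (c) => JSON.stringify(['cert', c.issuer, c.subject, c.expires]);
const issueCert = (issuer, subjectPub, expires) => {
  const c = { issuer: issuer.pub, subject: subjectPub, expires };
  return { ...c, sig: sign(issuer.priv, certMsg(c)) };
};
const eventMsg = (e) => JSON.stringify([e.pubkey, e.created_at, e.content]);
const signEvent = (authorPub, signer, content, created_at, certs = []) => {
  const e = { pubkey: authorPub, signer: signer.pub, created_at, content, certs };
  return { ...e, sig: sign(signer.priv, eventMsg(e)) };
};

// Accept an event signed directly by the master key, or by a key linked to it through a
// short certificate chain. created_at is signer-asserted, so expiry is also checked
// against seenAt (assumed: when this client first received the event).
function verifyEvent(e, seenAt, revoked = new Set(), maxChain = 3) {
  if (!verify(e.signer, eventMsg(e), e.sig)) return 'bad-event-signature';
  if (e.certs.length > maxChain) return 'chain-too-long';
  let current = e.signer;
  for (const c of e.certs) {
    if (c.subject !== current) return 'broken-chain';
    if (!verify(c.issuer, certMsg(c), c.sig)) return 'bad-cert-signature';
    if (revoked.has(c.subject)) return 'revoked';
    if (e.created_at > c.expires || seenAt > c.expires) return 'expired';
    current = c.issuer;
  }
  return current === e.pubkey ? 'ok' : 'untrusted-root';
}

// Constructed demo: a phone key holding a 30-day cert posts for the master identity.
const demoMaster = newKey(), demoPhone = newKey(), t0 = 1729802238;
const demoCert = issueCert(demoMaster, demoPhone.pub, t0 + 30 * 86400);
console.log(verifyEvent(signEvent(demoMaster.pub, demoPhone, 'gm', t0, [demoCert]), t0 + 60));
```

The chain walk ends with a comparison against the event's claimed author key, so a certificate that verifies correctly but was issued by any key other than the master is still rejected.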