Commit Graph

17 Commits

Author SHA1 Message Date
toadlyBroodle
df236f4ab9 merge recent changes 2023-04-29 13:25:49 +09:00
vivganes
3cec80d99e fix grammar and typos 2023-04-07 11:45:06 -03:00
Matthew Lorentz
9d0b59d381 Revert "Merge pull request #227 from erikwestra/nip-05-security-proposal"
This reverts commit 6d55463c89, and d87763781d reversing
changes made to a1a090160b.
2023-02-09 16:59:50 -05:00
fiatjaf
d87763781d
clarify and change account account_uris to account_paths. 2023-02-09 17:13:35 -03:00
Erik Westra
cf053d2a41
Suggested additions to NIP-05 to enhance security
Proposing a couple of changes to the NIP-05 protocol to reduce the chance of fraudulent use of "verified" public keys.  At present, I could create an account on a well-known verifying server under a random name, and then send DMs pretending to be someone else, and there's no easy way for users to tell who the verifying account actually belongs to.

As well as displaying the name of the account on the verifying server, this PR suggests an enhancement to the JSON data being returned so that clients can redirect the user to the user's profile page on the server.  This will make it much easier for users to check that someone who claims to have verified their Nostr account is who they claim to be.
2023-02-06 10:11:26 +13:00
Jeff Jing
025beb332c fix: typo 2023-02-03 10:40:57 -03:00
Luke Childs
01a3090c6a NIP05 Improve CORS header check command 2023-01-06 12:18:20 -03:00
fiatjaf
8c3c421715
merge NIP-35 into NIP-05. 2023-01-04 10:34:24 -03:00
fiatjaf
0ca9be8224
clarify nip19 purpose. 2022-12-29 21:02:32 -03:00
Lyle Pratt
a37a27afb9 Make it clear that NIP-05 Keys should be in Hex
There has been some confusion about whether npub keys are supported by this spec. According to @fiatjaf only Hex keys are supported. https://twitter.com/fiatjaf/status/1608606752987316224?s=20&t=6fJLD3077byuoTm96kva1g
2022-12-29 20:52:54 -03:00
majestrate
d41834fa51
update NIP-05 addressing reflectivity. (#128) 2022-12-29 11:01:35 -03:00
fiatjaf
997254ad7a
clarify that nip-05 identifiers should not be treated as primary keys. 2022-12-29 10:54:37 -03:00
sgmoore
4f67f5c999 Minor grammar and spelling fixes
Minor grammar fix at line 48. Minor spelling fix at line 56.
2022-12-17 22:31:19 -03:00
fiatjaf
743e43a8d4 finalize some NIPs we will not going to change anymore. 2022-11-22 14:52:34 -03:00
fiatjaf
a4aea5337f sneak filter.limit in nip-01. 2022-05-08 21:34:27 -03:00
David A. Harding
57b86d2482 NIP05: warn about CORS policies that may inhibit JS apps
JS Nostr apps such as Branle may not be able to load `nostr.json` files due to CORS policies.  Update NIP05 to warn about this and provide hints for troubleshooting and fixing the issue.
2022-05-07 17:18:23 -03:00
fiatjaf
f25c7e672c migrate nips from main nostr repo. 2022-05-01 07:48:57 -03:00