If relays had pubkey identities that were checked in protocol, relays could publish events advertising which IP address(es) they are running off of. Then we could ditch DNS and certificates, people's trust in a particular relay would follow the key rather than the domain name, and relays could inhabit many IP addresses and be seen as the same relay.
Yes.
sent you a DM
Yep. Let's get rid of DNS.
BTW this isn't a new idea. I'm just restating it in a way that might wake more people up to it. @PABLOF7z @Alex Gleason
It would also simplify my relay-specific note spec by specifying the relay pubkey that it's destined for instead of the DNS name: https://github.com/nostr-protocol/nips/pull/1146 We could also then ditch certs and use the pubkey for a noise-protocol connection like we do on lightning.
I guess the main downside of the cert thing is that browsers do not allow ws:// connections in an https context :/ Did I mention I hate the web?
i highly recommend the use of wireguard, reverse proxies and letsencrypt (i have a nice one: https://mleku.dev/git/lerproxy - the R is in the name as i intend to eventually add URL rewriting to it, but haven't wrapped my head around it yet). if you have never used wireguard yet, today's a good day to play with it. i used to wish it was easier to do SSH tunnels for years, and then somehow i finally was persuaded to look at wireguard and i've never looked back. they use better encryption than SSL/TLS too, using chacha20, Curve25519 ECDH, Blake2S hash/MAC, Siphash24 for hash tables and HKDF: https://www.wireguard.com/protocol/
https://en.wikipedia.org/wiki/WebSocket yes... you always have to expose http/s and then "upgrade" to tcp-based websockets. this is only a limitation to bend everyone into the cage that web devs are stuck inside. i pray to God one day that there will be no more web browsers, only native apps.