Oddbean new post about | logout
acf88a03 | 1 months ago (raw) | root | parent | reply | flag +1 
 I don't understand why NIP-05 isn't signed:
https://github.com/nostr-protocol/nips/blob/master/05.md

"""
Identification, not verification
The NIP-05 is not intended to verify a user, but only to identify them, for the purpose of facilitating the exchange of a contact or their search.
"""

but we could easily add a signature field, otherwise the profile process is less secure than the signed-event model. Unless I missed something?
Robert | 1 months ago (raw) | root | parent | reply | flag 
 Interesting! How would that work in detail? Place a signature in the JSON of the NIP-05 server?
dtonon | 1 months ago (raw) | root | parent | reply | flag 
 NIP-05 should be use to identify an user, not to verify it. A signed NIP-05 would be rendundant.