Oddbean

Every company requiring this type of functionality I'm the non-nostr world has to run a 'server'. Sure they can get free up to 10 seats from Google or whatever to have their employees send email from their domain, but that's not really free that's a trial of a paid server. Nostr is no different. If you're a company you should probably have a relay suite, and this server acts much like googles suite for your company. It can have extra features there like, keeping company notes, running bunkers, have apis, manage nip05s, run bots etc. So as nostr:nprofile1qqsrhuxx8l9ex335q7he0f09aej04zpazpl0ne2cgukyawd24mayt8gprfmhxue69uhhq7tjv9kkjepwve5kzar2v9nzucm0d5hszxmhwden5te0wfjkccte9emk2um5v4exucn5vvhxxmmd9us2xuyp said, it would be easy to have a bunker or API to handle the access to a single company key and revokation would be instant. The eventually inconsistent nature of the public nostr network is not going to be able to come to a consensus on something like a key rotation. Just like delete is in the spec, the deletes are very hard to propagate. The same would be true for any attempt to revoke a key. However, the NIP87 spec for private groups does do key rotation for a private group, but this requires the group to be on a limited number of relays as part of the spec. Perhaps delegation could work this way, but the reach of the notes would be limited to a set of relays. Notes would be more relay specific, and a combination of outbox and relay specific notes would need to be implemented in clients. At which point you would likely still want to run a relay for the company, but you could 'trial' the functionality on any set of relays that you trust enough for your purposes.

mainly for public viewing you just need the essential authority events to be broadcast along with the rest broadcast vs narrowcast is critical in any attempt to make nostr usable both as an open public network and as the basis for private/business use and being able to define boundaries... this also definitely requires custom relays as this simplifies the issues of how to make what is intended to be public, public the relay would respond to certain event types by activating some kind of functionality where the relay becomes a client to broadcast to other relays (like a selective version of blastr)

The number of startup companies that onboarding just gives you shared access to a set of shared passwords is near 100%.. so I guess with nostr the only difference is we can't change the password easily 😎

I also don't see a bakery at the corner holding keys -- I guess the owner would have some keys on his phone or something? But this is trying to fit a dystopic world (yes, people with phones is a dystopic world, in a saner world people would have computers where they could run an nsecbunker). But I also agree with you.

Don't be dismissive about the future tech prowess of "ordinary businesses" or "ordinary people". Ordinary businesses and people managed to type on a keyboard, run wifi or send email amongst others which all seemed need stuff out of reach at some point.

Small businesses do run servers, and if they don't they will use a provider to help them with this, e.g. WP Engine and Woocommerce for small business is actually big business. Don't underestimate the multitasking that small business has to do, bakery or not, we have to do all the things ( I'm speaking from first hand experience here in an industry that is not software/tech heavy) . Also the bakery in my area has its own IT, and its a small bakery but also a cafe/restaurant, which has its own separate needs for IT