Oddbean new post about login | logout No log in like telegram. No slowdowns with simplex groups since it doesn't need to be quite that secure. Best of both.
Yeah, I feel like someone seriously concerned with security really should put up a firewall or use SimpleX, or there should be some way to wall off a relay effectively and programmatically.
You arguably won't get there with a nostr relay. You are trusting TLS at best. SimpleX does give you that advantage tmk. You could require VPN I suppose...
SimpleX Messaging Protocol goes over TLS.
Hmm, I though onion routing was required, through tor nodes or via dedicated nodes?
Maybe we should just use AUTH on group relays to create exclusivity, remove broadcasting, and abandon the privacy promise of encryption? Someone malicious could just screen-shot stuff or copy-paste the raw json, anyhow.
A private relay would be required here to properly enable AUTH and trust that the relay is authing against a configured ACL for your group. In that case yeah don't see the reason for encryption since TLS between client/relay and group messages are private to that relay behind auth.
And then you can add/remove people at relay-level, which works quickly and smoothly, and doesn't require a fake-admin-npub as a crutch.
We just need relay admin UIs??
We already have a good one, that is OS. https://github.com/orgs/relaytools/repositories
That's what he's running here: https://relay.tools/