Laeserin @Laeserin - 12h
So the client could just generate one on the fly and use that to auth, for lurkers. Like a session key.
David @mleku - 12h
yup. that would be the idea. i'm sure they'll be slow to implement it tho. but when you consider the UX of many clients maybe this is a good thing "if you want to use these relays, here's our recommended clients list"
Laeserin @Laeserin - 9h
Well, we actually plan on having anon login, so that people can anonymously interact with Nostr through our client. That would allow for universal authing.
David @mleku - 9h
keep in mind that IP address is going to be trackable, so probably a per-session key is sufficient for this. the user would need to take care of their origin IP identity problem using tor. but also, if they really want to go to town, a per-request would be better, as tor typically can be easily triggered to make a new exit on demand so the more fake pubkeys the merrier.
