we already trust npm, so why not use it as a public key infrastructure?
publish your identity
create a module called noffle-identity (replace noffle with your npm username)
add a single file, id.pub, with your public key (ssh format?)
publish as a scoped module, so that nobody can steal your name
this provides a consistent format for every npm user's public key
retrieve / check identity
maybe there's a module/command called npm-identity-verify that can search your local cache (or pulling from npm if available) for someone's identity and verify that they are who they say they are
we already trust npm, so why not use it as a public key infrastructure?
publish your identity
noffle-identity
(replacenoffle
with your npm username)id.pub
, with your public key (ssh format?)this provides a consistent format for every npm user's public key
retrieve / check identity
maybe there's a module/command called
npm-identity-verify
that can search your local cache (or pulling from npm if available) for someone's identity and verify that they are who they say they arethanks for @mafintosh for the idea!