From cde5d38f6d8ffbe004b35514433d6678eb715a57 Mon Sep 17 00:00:00 2001 From: fiatjaf Date: Thu, 12 Mar 2026 10:26:19 -0300 Subject: `sub` must contain the pubkey again, leave the jwt identity out of 39004 for now. --- 29.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/29.md b/29.md index cc8a0d4..21f2f10 100644 --- a/29.md +++ b/29.md @@ -58,6 +58,8 @@ The `Authorization` event should be of kind `27235` and contain a tag `["u", "ht Relays should enforce access control at the LiveKit JWT creation time according to the group settings. +Relays MUST set the `sub` property on the issued JWT (called "identity" in the standard LiveKit libraries) such that the initial 64 characters correspond to the lowercase hex public key of the Nostr user. The same user can be issued multiple JWTs and join the same LiveKit room multiple times, so relays are expected to appending a random identifier to those 64 characters. + In order to inform clients about relay support for AV (so they can display that option for users when creating or editing groups) relays should serve a status code `204` at `https://relay.tld/.well-known/nip29/livekit`. ## Event definitions @@ -238,7 +240,7 @@ This is an event that MAY be published by the relay informing users and clients This should be updated whenever a new user leaves or joins a group, clients are expected to be actively subscribed to it. -The event MUST contain zero or more `participant` tags with the participant's public key as lowercase hex and their identity in the LiveKit context (the identity is defined by the relay at JWT creation time and recorded in the JWT `sub` field). +The event MUST contain zero or more `participant` tags with the participant's public key as lowercase hex. ```jsonc { @@ -246,7 +248,7 @@ The event MUST contain zero or more `participant` tags with the participant's pu "content": "", "tags": [ ["d", ""], - ["participant", "", ""], + ["participant", ""], // other participants... ], // other fields... -- cgit v1.2.3