Consideration of NIP-98 for W3C Web Standards Alignment

Dear W3C Community,

I wanted to bring to your attention an interesting protocol specification
called NIP-98 (HTTP Auth for Nostr), which defines a method for authorizing
HTTP requests using Nostr events. [1]

Given the growing interest in decentralized technologies, I believe it
could be valuable for the W3C to review NIP-98 and consider how it might
align with existing web standards. This could potentially lead to broader
interoperability and the adoption of secure, decentralized authentication
methods.

Key points about NIP-98:
1. It uses a `kind 27235` event (referencing RFC 7235) for authentication.
2. It leverages the `Authorization` HTTP header with a `Nostr` scheme.
3. It includes built-in protections against replay attacks and request
tampering (currently a SHOULD/MAY).
4. It uses a `u` tag to reference a URI (currently a MUST).

One area that could benefit from W3C expertise is the handling of
multi-part uploads. There's an ongoing discussion in the Nostr community
about reconciling NIP-98 with NIP-96 (which deals with file uploads)
regarding payload authentication for multi-part form data. Input on best
practices for such scenarios would be invaluable.

There are currently adjacent implementations like Blossom [2] and my own
proof-of-concept called NosDAV [3]. An issue with aligning Blossom with
NIP-98 is that the website on an HTTP request is mandatory. However,
Blossom (Blobs stored simply on media servers) does not have a website, as
the blobs are content-addressable. How can we reconcile this?

I think this approach could complement our existing work on web
authentication and authorization standards. It might be a good idea to
start a quick community group document and put it out for review.

I look forward to hearing your thoughts on this. Thanks for your time and
consideration!

Best,
Melvin

[1] https://github.com/nostr-protocol/nips/blob/master/98.md
[2] https://github.com/hzrd149/blossom
[3] https://nosdav.com/spec/

Received on Wednesday, 7 August 2024 11:55:52 UTC
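
The server-side checks implied by the key points in the message above (the `Nostr` scheme, `kind 27235`, the `u` tag, replay and tampering protection), as an added example that is not part of the original message or of any project it mentions. The `method` and `payload` tag names and the 60-second window are assumed from the NIP-98 text [1]; `check_nip98`, `make_header`, the sample URL and the zero-filled key are hypothetical, and Schnorr signature verification is left out because it needs a secp256k1 library.

```python
import base64, hashlib, json, time

def event_id(ev):
    # NIP-01 event id: sha256 of the compact JSON array [0, pubkey, created_at, kind, tags, content]
    ser = json.dumps([0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]],
                     separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(ser.encode("utf-8")).hexdigest()

def check_nip98(header, method, url, body=b"", now=None, window=60):
    """Return (ok, reason). Signature verification (BIP-340 Schnorr) is NOT done here."""
    now = int(time.time()) if now is None else now
    scheme, _, token = header.partition(" ")
    if scheme != "Nostr" or not token:
        return False, "not a Nostr authorization header"
    try:
        ev = json.loads(base64.b64decode(token, validate=True))
        tags = {t[0]: t[1] for t in ev["tags"] if len(t) >= 2}
        if ev["kind"] != 27235:
            return False, "wrong kind"
        if ev["id"] != event_id(ev):
            return False, "id does not match event contents"
        if abs(now - ev["created_at"]) > window:  # replay protection
            return False, "created_at outside window"
    except (ValueError, KeyError, TypeError, IndexError):
        return False, "malformed event"
    if tags.get("u") != url:  # must equal the absolute request URL
        return False, "u tag does not match request URL"
    if tags.get("method") != method:
        return False, "method tag mismatch"
    # Policy choice in this example: a request with a body must carry a matching payload hash
    if body and tags.get("payload") != hashlib.sha256(body).hexdigest():
        return False, "payload hash missing or mismatched"
    return True, "ok"

def make_header(url, method, created_at, body=b""):
    # Constructed sample event; pubkey and sig are zero-filled placeholders, not real keys
    ev = {"pubkey": "00" * 32, "created_at": created_at, "kind": 27235,
          "tags": [["u", url], ["method", method]], "content": "", "sig": "00" * 64}
    if body:
        ev["tags"].append(["payload", hashlib.sha256(body).hexdigest()])
    ev["id"] = event_id(ev)
    return "Nostr " + base64.b64encode(json.dumps(ev).encode()).decode()

if __name__ == "__main__":
    h = make_header("https://api.example.com/upload", "PUT", 1700000000, b"hello")
    print(check_nip98(h, "PUT", "https://api.example.com/upload", b"hello", now=1700000010))
```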