pull down to refresh

*verifying authenticity of information the signer would want someone to be able to verify the authenticity of
Most things that people use as examples of problematic fakes are likely to be things no one would willingly authenticate anyway. ie absence of (cryptographic) evidence is not evidence of absence. eg a senator isn't going to help us prove the video of them doing cocaine is real by signing it. Signatures really only help us prove whether someone wanted us to know that they meant to communicate something (and only to the extent that we can be confident they weren't compromised). I'm sure you're in touch with this fact already, but I try to remind myself that this kind of thing has a narrower utility band than it's made out to have.

Anyway, decentralized public key infrastructure (PKI) has a lot of prior art out there. This is where web-of-trust as a concept first appeared afaik. (It's where I started looking when I was researching WoT for our ranking.) Much of the progress in this area was made with PGP afaik.
Nostr's current solution seems to primarily be nip-05, which you cite, but there's also a lot folks talking about WoT depending on the season.
Yes, a senator doing cocaine won't post on NOSTR with their signature. In this case, there might be another observer (maybe a journalist) who will record it and post and you need to trust that journalist.
reply
And yes, I will refresh myself on the PGP and WoT -- those are good pointers.
reply
There's a lot of much sense. Well explained.
reply