Vic on Nostr: Labels/Petnames are the only thing I've seen that helps solves this and is consistent ...
Labels/Petnames are the only thing I've seen that helps solves this and is consistent with technologies of the past (email and phone address books). There is no singular web of trust as we independently assess (or don't) the validity of any pubkey representing as an identity that may be known to us.
Some aspects that harm this are custodial nip05. I am increasingly of the belief that a nip05 should NOT be set for a user if they do not own the domain under which it is registered, and clients revealing whether a pubkey matched the nip05 should offer a way to view that value that doesn't require leaving the view and going to the user's profile. Amethyst does this fairly well. Nostrudel just hides it.
Some aspects that harm this are custodial nip05. I am increasingly of the belief that a nip05 should NOT be set for a user if they do not own the domain under which it is registered, and clients revealing whether a pubkey matched the nip05 should offer a way to view that value that doesn't require leaving the view and going to the user's profile. Amethyst does this fairly well. Nostrudel just hides it.
quoting nevent1q…8qepLooks like we're starting to get fake accounts like Jack@primal.net on Nostr, but that's defrayed by the trust gained by Jack's main account. A sophisticated attacker might spawn accounts that aren't on the platform already, making things difficult to track. Right now, Nostr's verification process is longest-standing npub with most followers, but perhaps, in time, there should be tracking on people who zap back and forth as "verification". This has the incidental benefit of getting people to use Bitcoin/LN even if they're not Bitcoiners.