Question: Should I be calling "friends of friends" your "web of trust" or is that the wrong term? Vitor thinks the web of trust is a google pagerank graph algorithm. We should coalesce around useful terms so as not to confuse each other. What term should I use instead?
Discussion
There was another thread about it:
nostr:note10gxkn9mfrp8jesaxy7zahyynaks3uvjwkmmyqw2stpqnh89qqzysea9pp8
I like “Your Network” for the normal user interface. WoT is more technical term to me from back when it was an alternative to Public Key Infrastructure (PKI) which you would also never put in a user interface
I would use the term Graph instead of Web. It might help the app devs to look for graph algorithms Instead of reinventing the wheel.
And "Trust" can be trust they are not a bot, trust that they are not assholes, etc.
technically correct but most people are not database administrators, programmers or mathematicians, this what normal people think of as a graph:
I mean, what is wrong with Friends of Friends? It is very transparent and informative about what it is.
But if folks must use something else, then "Your Social Connections" or "Your Network" are my picks.
i like web of trust as it's descriptive, but as you say google may have already squatted on the term so it could lead to someone confusion.
from a hermetic perspective we could consider some terms like 'sphere of resonance'? or perhaps 'fractal bonds'?
or perhaps even '2nd order friends' or 'circles of connection'. both could be extended to first, second or nth order / circles
you could call it "social graph" that's pretty generic
web of trust was first coined by the PGP devs i believe, and it's part of key server protocols (signing on other people's keys)
you could call it "social graph" - that's what it is, and people sorta have an intuitive understanding of how that's a map with localities
Agree with Vitor, 'WoT' recalls pagerank to me too.
friends-of-friends is super direct.
another alternative: 2-Degree Separation. Like in the "6-degree" Small world models from the Complex Network guys. Something that evokes a graph in layman terms.
The traditional concept of a Web of Trust (WoT) originates from systems like PGP (Pretty Good Privacy) or CACert.org, where trust is built through a hierarchical structure of verified attestations. In these systems, each person vouches for the authenticity of another’s identity, either through personal relationships or official documentation. This creates a "tree" of trust, where you may not know every individual personally, but you trust them because they are vouched for by someone you trust.
For instance, in the PGP WoT, certificates are signed to indicate different levels of confidence in an individual’s identity. These levels range from casual introductions to personal verification, often involving face-to-face meetings or the presentation of government-issued IDs. This system is built around real-world identity validation, ensuring a robust anchoring in actual trust relationships.
In contrast, social platforms (like The Nostr or even Twitter) often use a follow system as a very loose form of "trust." When you follow someone, you are indicating some degree of interest or confidence in their content or identity. However, this trust is often implicit and not backed by the same rigor that PGP or CACert demands. A "follow" on a social platform does not mean that you have verified the identity or the authenticity of the person you're following in the real world.
The challenge with using a follow-list as a form of Web of Trust is that it lacks strong, real-world anchoring. There’s no inherent process to verify identities beyond someone’s claim or online presence. People might link their The Nostr public keys (npubs) to social media profiles, but this still falls short of a rigorous, verifiable trust model. Without an external oracle—like linking to an official, trusted source or a verified social profile—the system becomes more "obtuse," meaning it's harder to determine what level of trust is warranted.
In this sense, the term "Web of Trust" needs more precise definition when applied to systems built purely on social connections, as the trust is more fluid and less structured than in traditional identity verification frameworks.
I agree, terms need to be defined.
In the context of The Nostr, i've observed that if a profile is active (posts regularly) AND has many follows AND the "degree of separation" is a short path to a "trusted circle" of a community, than the identity should be treated as more authentic than ones that may have a large following but does not regularly post and is connected with "real" people. If an identiy is not posting regularly, then many people may be fooled to follow but they would never get pruned because they aren't posting often. On the other hand, if its an inauthentic identity that DOES post often, they will eventually get "sniffed" out by real people. The reason it needs to be anchored to some authentic group of people is to avoid the WoT scheme from being "scammed" by bots that post often and follow eachother.
I just decided to rename it 'friends of friends' and be done with it. I provide that to the spam script which can use it if useful.
// fof - Friends of friends: Among you, the people you
// follow, and the people they follow, how many
// follow the pubkey of the event?
Maybe "second level network?"
Yeah, I think "your network" is better, also more recognizable. "Web of trust" is more technical and relates more to PGP key signing (and etc.) instead of trusting Certificate Authorities. I think it would be great to have the equivalent of that for Nostr npubs.