Note also that delegation and rotation are related but different issues. We can't really have rotation without being able to delegate a different key as an authorized "representative" of the master key. The master key would then be kept cold and only be used to sign for revoking previously delegated keys and delegating new ones, which would be what we mean by key rotation.

However, delegation can also refer to delegating another person's key to be able to sign on behalf of a master key. In the key delegation for the purpose of rotation scenario, you don't really need to care what permissions that key has, because the owner of the master key and the delegated key are the same. However, in the situation where you want an employee's key to be able to sign on behalf of their employer, you almost certainly need to care about what specific permissions that delegated key has.

Both issues add a lot of complexity to Nostr, though the latter even more than the former, and would break every client that currently exists.