Subnostr

I don't think you need to pgp sign the note on nostr, since the note is already signed by your nostr key which I trust 😉.

That brings my point the NIP-05 verification is not necessary and even wasteful on accounts you already trust since public-key crypto is more trustworthy and a webserver and DNS.

Seth For Privacy 2y ago

Since key management is so bad I'd hesitate to trust Nostr keys alone ATM.

GPG provides a useful additional layer that is generally much better secured and thus harder to compromise.

I do like NIP-05, though clients should make it *very* clear when an identity doesn't validate properly.

Reply to this note

Please Login to reply.

Discussion

₿logging₿itcoin 2y ago

+1 for PGP second factor.