Râu Cao ⚡ on Nostr: The WoT can only prove other people's trust in a key, but not who currently controls ...
The WoT can only prove other people's trust in a key, but not who currently controls it. In fact, the moment someone else gets a hand on your private key, the WoT still proves trust in that key being yours, until you somehow notify your peers, so they can revoke that trust. But how are you going to do this within the system, if there are no means for sub keys and key rotation in the first place?
Published at
2024-09-16 14:58:06Event JSON
{
"id": "34872003851b1b34cfb7c10c30f47153aea3439f2d828b420b2ad2db3d5fea4c",
"pubkey": "1f79058c77a224e5be226c8f024cacdad4d741855d75ed9f11473ba8eb86e1cb",
"created_at": 1726498686,
"kind": 1,
"tags": [
[
"e",
"328a82c176fb706f05f69c02199980ccfa2f125d045aa98904ed94c9479c4df8",
"",
"root"
],
[
"e",
"9d7fae1b67f7a291ae09c0d35047d473bdcd031d0999bf818284827551ef64b4",
"",
"reply"
],
[
"p",
"b7ed68b062de6b4a12e51fd5285c1e1e0ed0e5128cda93ab11b4150b55ed32fc",
"",
"mention"
],
[
"p",
"06b7819d7f1c7f5472118266ed7bca8785dceae09e36ea3a4af665c6d1d8327c",
"",
"mention"
],
[
"client",
"noStrudel",
"31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546"
]
],
"content": "The WoT can only prove other people's trust in a key, but not who currently controls it. In fact, the moment someone else gets a hand on your private key, the WoT still proves trust in that key being yours, until you somehow notify your peers, so they can revoke that trust. But how are you going to do this within the system, if there are no means for sub keys and key rotation in the first place?",
"sig": "7f75f632b9d83eb6271f17de86418f998a879cbb83db1c92fb99d15c71e7b78b9186f5bb2cb1df305815fb8e183c66c07518a05fb73ea1593941d0bd248fcd88"
}
