Hacker News
by jimmydoreornot 913 days ago
I half agree, and half disagree. I agree that users need some kind of management tools to deal with public key crypto, shouldn't be copying private keys into apps, and there needs to be recovery from lost keys. It is a hard problem and nostr has a long ways to go.

I disagree that you need a "reliable way to know other people's public keys." I think this puts the cart before the horse. And doing it that way, public certification authorities who say "I certify this key belongs to this person" can't be trusted anyways, so it doesn't really work (and as people do trust them for practical reasons, but shouldn't, they have enabled widespread TLS MitM by governments). It is rarely the case that you know someone and then you discover someone claiming to be them and you need them to prove their identity (which is BTW totally possible in nostr already). What usually happens is you learn the key first, and over time learn who that person is and develop intuition and trust about them through experiences that occurred via that key.