Zapstore is great for software signing. It solves the only reason you would need a long-dated PGP key, which was for software verifiability.
But PGP still solves one narrow problem I don’t want to lose, which is offline file-level encryption with a trust model I fully control. That doesn’t require a decade-long key. It just needs short-lived, compartmentalized ones.
Nostr’s missing piece is native expiry and rotation standards. We’ll get there. Until then my argument is simple. Keep PGP minimal and disposable for encryption. Treat Nostr as the long-term identity layer because it avoids the overhead that made PGP brittle.
Using both gives you the strengths of each and covers the weaknesses of both. And it lets you cross-verify identity without dragging PGP’s legacy baggage into it.
Replies (2)
Local (and remote) file storage encryption is doable with Nostr too. Here's an article with an early architecture; we have made a lot of progress since, but I haven't made an update post yet.
Check it out and please give some feedback.
nostr:naddr1qqgrsde5xcexzvny8qerjvf3vgmkxqg3waehxw309ahx7um5wgh8w6twv5hsyg9ha45tqck7dd9p9egl6559c8s7pmgw2y5vm2f6kyd5z594tmfjlspsgqqqw4rs37vdn7
OK, here is the latest version of our architecture.
nostr:naddr1qqgxxdryxfsnxvf3xscnvdnx8pnr2qg5waen5te0xyerwt3s9cczuvf6xsurvwf0qgst0mtgkp3du662ztj3l4fgts0purksu5fgek5n4vgmg9gt2hkn9lqrqsqqqa28ajp369