@bot @alex @40dba08627a2f2c69c3031666149b567168f049894aa5c42203a3920a3de8483 @84eaf37660225a312d27dbf72acf588106664d444bd432b1c8004c18fa109d63 @c37b6a82a98de368c104bbc6da365571ec5a263b07057d0a3977b4c05afa7e63 @burner @verita84 "Verify identity" with whom? The owner of the domain, obviously.

Well, I own a domain and I "verify identity" of people you hate. I do it on purpose because it makes you mad and I'm a big meanie troll doodoohead.

The people I verify just so happen to like talking to each other. They're a community. Maybe they talk out-of-band on Matrix or Discord or whatever.

Lots of people hate that community because they and the one who "verifies" them are a bunch of booger eaters. So what's the obvious solution? Let a person block the entire domain--any pubkey verified by that domain doesn't show up anymore.

Or maybe I'm just a spammer who wants to break through everyone's clients by "verifying" my many spam accounts (so many that nobody can hope to manually report them all). I buy my own cheap domain name and use it to get a fancy little checkmark or whatever clients decide to show, and then spam away. The obvious solution? Don't trust that domain to verify pubkeys.

This sort of thing is going to become commonplace.

"Verification" works when you trust the verifiers. Right now Nostr has mostly good (albeit very boring) actors and verifiers, but that is going to change if momentum picks up.