I think NIP-05 is super-powerful because it gives an external trust context to an #npub. Some might argue, it is insecure, but that’s really a function of how the domain is managed and how you decide to trust.

NIP-05 also gives a really good bridge to the legacy world, and everyone knows how to read and make a judgment of a domain name (yes, I know about threats of character substitution, spoofing, etc., but that can be mitigated). All the DNS lookup stuff is deeply baked in the OS, so there is little reason not to use it.

If you dig into DNS, it’s not really centralized, as many claim.Yes, there is a root, but everything is delegated from that point downward. So it’s not really centralize or decentralized: I like to call it ‘delegated’. DNS (or more specifically DNSSEC) works for nation-states that are bombing each other, so I don’t see why it wouldn’t be leveraged by #nostr in a hopefully less-adversarial environment.

Finally domain names (URIs, URNs) have superpowers- have a read of RFCs 3986 and 8141. By their very structure, you, as a human, can read out the authority structure of a URN/URI before deciding what to do with (usually, trust). You can’t read a QR code, but you can read a text URI/URN to make a device-unassisted trust decision