Web of Trust

Web of trust is a cryptographic system in which follows a decentralized trust model, in contrast to a centralized trust model used in PKI.

This means that every user will verify one another based on their publicly listed keys.

In the long term, users can rely on a number of trusted introducers such that if all of them claim that the public key belongs to a specific individual, that information is verified. In other words, users can send along with their message, two or three attestation verifying their identity, hoping the reciever will trust of any of the verifying agencies.

The verifying agencies would emerge over time as they interact with more people, and anyone can choose to be a hub collecting public keys of many users. This works based on the concept of emergence, specifically used here for trust.

Pros
Flexible: Users can choose their own trust decisions
Cons
Users have to be careful in how they trust people. This can be solved by using strong open standards for trust.

Tags: cryptography