In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the centralized trust model of a public key infrastructure (PKI), which relies exclusively on a certificate authority (or a hierarchy of such). As with computer networks, there are many independent webs of trust, and any user (through their identity certificate) can be a part of, and a link between, multiple webs.
The web of trust concept was first put forth by PGP creator Phil Zimmermann in 1992 in the manual for PGP version 2.0:
As time goes on, you will accumulate keys from other people that you may want to designate as trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people, with the expectation that anyone receiving it will trust at least one or two of the signatures. This will cause the emergence of a decentralized fault-tolerant web of confidence for all public keys.
Read more about Web Of Trust: Operation of A Web of Trust, Contrast With Typical PKI, Web of Trust Problems, Doing The Math, Mean Shortest Distance
Famous quotes containing the words web of, web and/or trust:
“Ye whose clay-cold heads and luke-warm hearts can argue down or mask your passions—tell me, what trespass is it that man should have them?... If nature has so wove her web of kindness, that some threads of love and desire are entangled with the piece—must the whole web be rent in drawing them out?”
—Laurence Sterne (1713–1768)
“The delicate, invisible web you wove
The inexplicable mystery of sound.”
—T.S. (Thomas Stearns)
“The business of a seer is to see; and if he involves himself in the kind of God-eclipsing activities which make seeing impossible, he betrays the trust which his fellows have tacitly placed in him.”
—Aldous Huxley (1894–1963)