The WebOfTrust refers to the concept of users signing each others' PGP/GPG PublicKeys to build a network, or web, of mutual trust. This network allows you to determine KeyValidity for keys that you have not directly signed.

This is in sharp contrast to X509, which assumes a strictly hierarchical chain of authority. There are several ongoing studies into the quality of the WebOfTrust concept, such as keyanalyze.

See also: