Web of trust.

OpenPGP's decentralized alternative to centralized certificate authorities. You verify a friend's fingerprint in person, sign their key with yours, and your signature becomes evidence anyone who trusts you can use to evaluate their key. Chains of signatures build transitive trust without any central party.

// definition

The web of trust is OpenPGP's decentralized model for verifying key ownership. Users sign other users' keys after out-of-band fingerprint verification; the resulting graph of signatures lets anyone evaluate trust in unfamiliar keys via chains of trusted intermediaries.

What it is.

Traditional TLS uses a centralized model — certificate authorities vouch for identities, and your browser ships with a list of CAs to trust. OpenPGP, designed in the 1990s with a different threat model, uses a decentralized approach instead.

The mechanism is simple: after verifying that a key really belongs to its claimed owner (typically by comparing fingerprints in person or by another out-of-band channel), you sign their key with your own. This signature is attached to their public key on the keyserver, and anyone who downloads their key sees it.

When a third party encounters that key, they look at who has signed it. If you've signed Alice's key and they trust your signatures, they can transitively trust Alice's key — even without having met Alice. Chains of such signatures can extend further: A signs B's key, B signs C's key, C signs D's key, and someone who only knows A may end up with usable confidence in D's identity via the chain.

Why it matters (and where it falls short).

The web of trust was an elegant idea that never fully achieved critical mass in practice. Reality check:

Modern OpenPGP practice for individuals: verify the keys of your direct contacts (in person, via QR, voice verification on a trusted channel), don't worry too much about transitive trust unless your community uses it.

// signing a key with gpg
# After verifying Alice's fingerprint in person (fingerprint is a placeholder):
gpg --sign-key ALICE_FINGERPRINT
# Choose the certification level when prompted (0=unknown, 1=casual, 2=careful,
# 3=very careful); gpg only prompts if --ask-cert-level is set, otherwise it
# uses default-cert-level (0).
# The signature is now attached to Alice's key in your local keyring.
# keys.openpgp.org does not distribute third-party signatures, so the upload
# below publishes Alice's key but not your certification of it; to deliver the
# signature, export her signed key and send it to Alice directly:
gpg --armor --export ALICE_FINGERPRINT > alice-signed.asc
gpg --keyserver hkps://keys.openpgp.org --send-keys ALICE_FINGERPRINT
// in PGPony

PGPony tracks trust level on each key in your keyring — unknown, marginal, full, ultimate — surfaced in the key detail view. PGPony does not expose the operation of signing one key with another in its UI; web-of-trust signatures are produced via desktop gpg with keys imported from PGPony.
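The chain evaluation described under "What it is" and the four owner-trust levels PGPony surfaces (unknown, marginal, full, ultimate) combine into one computation. The Python below is an added example, not PGPony's or GnuPG's code: it implements a simplified version of GnuPG's classic trust model, using gpg's default thresholds (one fully trusted certifier, or three marginally trusted ones, within a chain depth of five). All key names, certifications and trust assignments are constructed placeholders, and the model ignores details such as signature expiry, revocation and per-user-ID validity.

```python
"""Simplified web-of-trust validity computation (added example, not PGPony code).

Owner trust is what *you* assign to a key (how much you trust its holder to
certify others). Validity is what the graph of certifications lets you
conclude about whether a key belongs to its claimed owner.
"""
from collections import defaultdict

MARGINALS_NEEDED = 3  # gpg default for --marginals-needed
COMPLETES_NEEDED = 1  # gpg default for --completes-needed
MAX_CERT_DEPTH = 5    # gpg default for --max-cert-depth


def compute_validity(signatures, owner_trust):
    """Return a dict key -> 'full' | 'marginal' | 'unknown'.

    signatures: iterable of (signer, signed) certification pairs.
    owner_trust: dict key -> 'ultimate' | 'full' | 'marginal' | 'unknown'.
    Only keys that are themselves fully valid may certify others.
    """
    signers_of = defaultdict(set)
    for signer, signed in signatures:
        if signer != signed:  # self-signatures carry no third-party evidence
            signers_of[signed].add(signer)

    keys = set(owner_trust) | {k for pair in signatures for k in pair}
    validity = {k: "unknown" for k in keys}
    depth = {}  # chain length from an ultimately trusted key, for fully valid keys

    # Ultimately trusted keys (normally your own) are valid by definition.
    for key, trust in owner_trust.items():
        if trust == "ultimate":
            validity[key] = "full"
            depth[key] = 0

    # Propagate validity outward until nothing changes.
    changed = True
    while changed:
        changed = False
        for key in sorted(keys):
            if validity[key] == "full":
                continue
            full_signers, marginal_signers = [], []
            for signer in signers_of[key]:
                if validity[signer] != "full":
                    continue  # certifications from non-valid keys are ignored
                if depth[signer] + 1 > MAX_CERT_DEPTH:
                    continue  # chain would be too long to follow
                trust = owner_trust.get(signer, "unknown")
                if trust in ("ultimate", "full"):
                    full_signers.append(signer)
                elif trust == "marginal":
                    marginal_signers.append(signer)
            if len(full_signers) >= COMPLETES_NEEDED:
                chain = full_signers
            elif len(marginal_signers) >= MARGINALS_NEEDED:
                chain = marginal_signers
            else:
                chain = None
            if chain:
                validity[key] = "full"
                depth[key] = min(depth[s] for s in chain) + 1
                changed = True
            elif (full_signers or marginal_signers) and validity[key] == "unknown":
                validity[key] = "marginal"  # some evidence, but below threshold
                changed = True
    return validity


def example_scenario():
    """Constructed keyring; every name below is a placeholder, not a real key."""
    owner_trust = {
        "me": "ultimate",
        "alice": "full",  # I trust Alice to verify fingerprints carefully
        "bob": "marginal", "carol": "marginal", "dan": "marginal",
        "k1": "full", "k2": "full", "k3": "full", "k4": "full",
    }
    signatures = [
        ("me", "alice"), ("me", "bob"), ("me", "carol"), ("me", "dan"),
        ("alice", "erin"),                                       # one full certifier suffices
        ("bob", "frank"), ("carol", "frank"), ("dan", "frank"),  # three marginals suffice
        ("bob", "grace"), ("carol", "grace"),                    # two marginals: only marginal validity
        ("erin", "heidi"),                                       # erin is valid but has unknown owner trust
        ("alice", "k1"), ("k1", "k2"), ("k2", "k3"),
        ("k3", "k4"), ("k4", "k5"),                              # k5 sits beyond MAX_CERT_DEPTH
    ]
    return compute_validity(signatures, owner_trust)


if __name__ == "__main__":
    for key, val in sorted(example_scenario().items()):
        print(f"{key:6s} {val}")
```

The point the scenario makes is that a certification is only as useful as the owner trust you assign to the certifier: erin's key is fully valid, yet her signature on heidi's key contributes nothing because you have not decided how carefully erin verifies people. That is why the page's advice for individuals (verify direct contacts, lean on transitive trust only where your community actually maintains it) follows from the model rather than contradicting it.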
