A web of trust is a trust model defined in the OpenPGP standard that relies on users to establish the authenticity of the binding between a public key and its owner.
Without a central controller (e.g., a CA), users depends on other users for trust.
Each public key is:
Its decentralized trust model is an alternative to the centralized trust model of a x.509 hierarchical public key infrastructure, which relies exclusively on a a hierarchy of certificate authority.