The trust that builds between a user and other's signatures, and the signatures that they trust.

A distributed trust model used by the PGP system to validate the ownership of a public key where the level of trust is cumulative, based on the individuals" knowledge of the introducers.

A term describing a relationship-based extension of the concept of trust, popularized in PGP. For example, if you trust Bob and Bob says Rachel is a good auto mechanic, you'll trust Rachel to fix your car even if you have not previously met Rachel. A similar concept is used to validate encryption keys in PGP. If you know and trust Bob, and Bob gives you a text block and says it is Rachel's public key, you'll accept the text block as Rachel's key even if you don't know Rachel. If Rachel later sends a message encrypted with or signed by her private key, you'll be ready to decrypt it or verify the signature because you have her public key. You can then pass Rachel's public key to someone who trusts you, thus extending the Web of Trust by another node.

In cryptography, a web of trust is a concept used in PGP, GnuPG, and other Open PGP-compatible systems to establish the authenticity of the binding between a public key and a user. It is, in some respects, an alternative to centralized public key infrastructure (PKI) reliance exclusively on a certificate authority (or a hierarchy of such). As with computer networks, there are many independent webs of trust, and any user (through their identity certificate) can be a part of, and a link between, multiple webs.