One can google the phrase "PGP Web of Trust" to find out the details of the concept. Here's a short summary clipped from:
http://www.medicineau.net.au/computi...tornmoney.html
Quote:
|
One solution to the problem (of key management) is to introduce the notion of "trusted parties", that is, people who you trust to introduce (and therefore authenticate) other parties to you. Using the telephone analogy, you would only say secret things on the phone if someone you trust had given you the telephone number, not if you had just looked it up in the phone book. This is what the PGP documentation refers to as the "Web of Trust". Its structure is likened to that of a web as each party involved, trusted by you, can introduce other parties whom you may or may not already know.
|
A good reference:
The PGP Trust Model
http://www.cs.ucl.ac.uk/staff/F.Abdu.../pgptrust.html