Taking Web of Trust to the mass market
A pure web of trust implementation will fail in a mass market setting because establishing a trustworthy identity requires effort, and an identity that is effortless to establish is a magnet for fraud.
The PGP Web of Trust
PGP is no different in this regard: it works because of the effort invested by network participants.
The community represented by the PGP web of trust does not even remotely resemble the general population.
PGP usability imposes a very high barrier to entry and the typical PGP user will expend greater than average effort in verifying new identities and maintaining their existing contact list — and thus the network as a whole is able to sustain a reasonable level of safety for its users.
On the other hand, if the average participant in a network doesn’t want to expend any effort and blindly accepts identities based on the signals of others, then that acceptance cannot and must not be assigned any value or used as a signal of trust.
The current SSL ecosystem of trusted certificate authorities does NOT assign any value to user acceptance of SSL certificates — so the competence or incompetence of one end user does not affect the decisions other users make. The effort of establishing identities is invested entirely by certificate authorities and intermediates.
Herd Immunity
Any system that DOES assign value to user acceptance of identities — web of trust or other reputation systems — will not be able to sustain a reasonable level of safety for its participants in a mass market setting because the network lacks the critical mass of “conscious verifiers” required to stop fraudulent identities spreading with viral speed.
Unconscious verifiers in a web of trust increase the risk that conscious verifiers will be affected — automatic acceptance of the fraudulent identity is “transmitted” along trust lines.
And just like herd immunity, even a small drop in the ratio of conscious verifiers will lead to an outsized reduction in the safety of the network.
The speed at which a fraudulent identity propagates through a web of trust increases superlinearly with the ratio of “unconscious verifiers”.
And as internet literacy is not equally distributed due to socio-economic factors, unconscious verifiers are likely to form highly vulnerable clusters.
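The propagation argument above can be made concrete with a small simulation. The following is an added example, not code from the original article: it assumes a constructed trust network (a ring lattice where each participant trusts a few neighbours, plus a handful of random long-range trust links) and a simple acceptance rule, where an "unconscious verifier" accepts any identity already accepted by a trusted contact and a "conscious verifier" checks out-of-band and rejects it. It then measures, for a given ratio of unconscious verifiers, how much of the network ends up accepting a single fraudulent identity and how many conscious verifiers have it vouched for by a trusted contact. The network model, parameters and function names are all assumptions for illustration.

```python
import random
from statistics import mean


def build_trust_graph(n, k=4, shortcuts=20, rng=None):
    """Constructed trust network (an assumption, not from the article): a ring
    lattice in which every participant trusts its k nearest neighbours, plus a
    few random long-range trust links. The ring keeps the graph connected."""
    if rng is None:
        rng = random.Random(0)
    adj = {i: set() for i in range(n)}
    for i in range(n):
        for d in range(1, k // 2 + 1):
            j = (i + d) % n
            adj[i].add(j)
            adj[j].add(i)
    for _ in range(shortcuts):
        a, b = rng.sample(range(n), 2)
        adj[a].add(b)
        adj[b].add(a)
    return adj


def simulate_fraud_spread(adj, unconscious_ratio, rng):
    """One trial. Each participant is an unconscious verifier with probability
    unconscious_ratio; such a participant accepts any identity that a trusted
    contact has already accepted. Conscious verifiers check out-of-band and
    never accept the fraudulent identity. Returns (fraction of the whole
    network that accepts, fraction of conscious verifiers that had the identity
    vouched for by at least one trusted contact)."""
    n = len(adj)
    unconscious = {i for i in range(n) if rng.random() < unconscious_ratio}
    if not unconscious:
        return 0.0, 0.0
    # The fraudulent identity enters through one unconscious participant.
    seed = rng.choice(sorted(unconscious))
    accepted = {seed}
    frontier = [seed]
    while frontier:  # acceptance is "transmitted" along trust edges
        node = frontier.pop()
        for nb in adj[node]:
            if nb in unconscious and nb not in accepted:
                accepted.add(nb)
                frontier.append(nb)
    conscious = [i for i in range(n) if i not in unconscious]
    exposed = [i for i in conscious if adj[i] & accepted]
    exposed_ratio = len(exposed) / len(conscious) if conscious else 0.0
    return len(accepted) / n, exposed_ratio


def mean_spread(unconscious_ratio, n=400, trials=200, seed=1):
    """Average over many random networks and verifier assignments; the RNG
    seed is fixed so the results are reproducible."""
    rng = random.Random(seed)
    results = [
        simulate_fraud_spread(build_trust_graph(n, rng=rng), unconscious_ratio, rng)
        for _ in range(trials)
    ]
    return mean(r[0] for r in results), mean(r[1] for r in results)


if __name__ == "__main__":
    print("unconscious  accepted  conscious_exposed")
    for ratio in (0.0, 0.2, 0.5, 0.7, 0.9, 1.0):
        acc, exp = mean_spread(ratio)
        print(f"{ratio:10.1f}  {acc:8.3f}  {exp:17.3f}")
```

Running the table shows the shape the article describes: with no unconscious verifiers nothing spreads, with nothing but unconscious verifiers the whole network accepts, and between those extremes the accepted fraction grows much faster than the unconscious ratio itself, with the gap between 0.5 and 0.9 far larger than the gap between 0.2 and 0.5. The second column is the cost borne by conscious verifiers: the more unconscious contacts they trust, the more often the fraudulent identity arrives vouched for by someone they trust.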
A safe Web of Trust is an exclusive one
Identity network implementers looking to fix the inherent issues of certificate authorities should be very selective about who participates in a web of trust — and it is probably not the whole network.
It has been proposed before that a web of trust could be used to authenticate a small set of highly competent certificate authorities which subsequently provide traditional chain-based authentication for wider network participants.