The "Web of Trust" model is the most interesting thing about PGP, because this is where PGP differs dramatically from S/MIME.
- PGP has no concept of a Certificate Authority: anyone may PGP Signature a certificate, and a certificate
may be signed by many people.
- Each PGP Key is assigned a level of validity: "undefined", "marginal" or "complete"
- A user may validate a key directly by comparing the key "fingerprint" e.g.
over the phone.
- Each person (or more formally, their key) is assigned a level of "trust
to introduce" -- this is how much the PGP user trusts the owner of this key to be an "introducer" to another public key certificate. "Full", "M
arginal", "Untrustworthy", "Don't Know"
- A certificate may be signed by any number of keys. It is up to the user to configure how many signatures from "full"y trustworthy keys, and how
many from "marginal"ly trustworthy keys are required before she accepts
that the certificate is valid (or marginally valid).
- So, I might decide that Gary and Steve are marginally trustworthy enough
to sign a certificate, but that Andy can be fully trusted. If I get a
new certificate which claims to be Jon's, I might decide to trust it
if it is signed by Andy, or if it signed by both Steve and Gary.
- User may choose a CERT_DEPTH parameter, which configures how many "degrees
of seperation" may exist between a trusted introducer and a new key such
that it may be trusted. If CERT_DEPTH is 0, all keys have to be validated
directly by the user.
"CA"s now exist, i.e. organisations who expect to be used as trusted signers.