[jMyles]

> Identity (in any meaningful sense) must always delegate trust to some kind of issuing authority. If for no other reason than because any humane system must always accommodate users who forget their passwords, lose their private keys, etc.

Web of trust protocols are a decades-long solved problem (albeit without a prevailing deployment yet). It seems like your comment is meant to be quietly denigrating toward them (or do I have that wrong?). May I ask why?

It seems like eventually a web of trust model is going to arise and win over a critical mass.

[nearting]

Even in a web of trust, you're delegating trust to someone that you treat as an authority. Especially in practice, where the long-term outcomes of webs of trust tend to be either (1) the scale is nowhere near sufficient due to the effort involved in verification, or (2) you end up de facto trusting some authorities who can provide that scale, at the cost of the identity verification being less meaningful. Sure, it might be easier to cut off or reroute trust if things go south, I don't see us reaching a critical mass for a significant scale any time soon.

[kiitos]

> Web of trust protocols are a decades-long solved problem

Solved in a technical sense, maybe, but not in any meaningful sense. Statistically zero people use any web-of-trust based system for anything useful.

But we've already played this game, over the last couple of thousand years. That evolutionary process, however messy it may have been, has already produced a web of trust, to which we all delegate authority and responsibility. It's usually called "government".