A long time ago there was this “web of trust”, I don’t think it exists anymore. Was one of the big CA and you could get different certificates through some form of vouching, I think it even went as far as meeting people to show your ID and then they sign you or something. As it was run by a big CA, not really distributed but IIRC they kept their involvement minimal. It’s been a long time but if you’re curious maybe look into that
Keybases popularity falling off a cliff isn't really surprising, their venture into shitcoinery already put them on thin ice with the anti-cryptocurrency crowd, and then development basically ceased overnight after the Zoom acquisition. I don't know why they're even bothering to keep the lights on, it's been five years of radio silence at this point.
keybase had promise early on but kinda lost the plot. the vouching system was neat in theory but never really caught on outside a small circle. the crypto stuff definitely didn’t help, and once zoom bought them it was basically a ghost town, no roadmap, no real dev activity, just inertia.
feels like identity + trust systems keep coming back around but never quite stick. maybe too hard to balance usability, decentralization, and adoption all at once.
I tend to think the ecosystem is vastly dominated by established solutions. In order for a New Thing to win, it needs to be at least an order of magnitude better and more usable, or the network effect obliterates it.
Could it also be that social media sites depend on commingling “daily active users” vs “number of unique humans” for having high numbers? A web of trust would establish one live person per account, somewhat like Facebook had a policy for.
Keybase was great. The idea behind it (using private key to prove your identity) is the idea behind some of the default methods for the Decentralized Identifier (DID) standard: https://www.w3.org/TR/did-1.0/
You're thinking of the Thawte Web of Trust: https://en.wikipedia.org/wiki/Thawte which was run by Mark Shuttleworth (now of Canonical). The certificates were used for email, not for SSL. I lost track of what happened to it after CACert took over.
