>> accumulated in a web-of-trust manner between users, with a points
>> scheme.  I tend to call it "Certrimetics" because it has a surface
>> similarity with the various MLM schemes, but it's a practical and
>> effective illustration of the point.

>But if I understand correctly it's still not a true web-of-trust.
>There's still one root certificate that ultimately has to be trusted.

Well actually with OpenSSL, the search can stop at the first trusted issuer
(ie. the first CA cert found in /etc/certs or whereever).