This is categorized list of papers produced by the Rebooting the Web of Trust design workshops is complete through RWOT-XII in Cologne (2023). To date we have produced 68 papers across 11 workshops.


A statement of some fact (or some opinion) about some entity.


The act of verifying an identity.


An open standard for blockchain credentials.


An immutable decentralized ledger maintained by consensus rules.


An authorization methodology where permissions are attached to an entity as a list of what objects that entity can access and in what way.

Commons & Cooperation

Working together for the common good.


A set of one or more claims about the same entity. Also see VERIFIABLE CREDENTIALS.

DAD: Decentralized Autonomic Data

Self-regulating or self-managing data that does not reside with a single party.

Data Vaults

Protected stores of online data, including Identity Hubs and more.

Decentralized Consensus Systems

A method for achieving agreement without a centralized authority.

DID: Decentralized Identifiers

A portable, globally unique identifier associated with some entity that does not require a centralized authority for registration.

DID Methods

A regularized methodology for creating, reading, updating, and revoking a DID.

Digital Rights

The codification of authorization to use digital media.

Digital Verification

The act of proving the accuracy of something, often verifying a digital signature.


General Data Protection Regulation. European laws that protect the data and privacy of individuals.


A proxy for identity that is used as a label to refer to the entity being represented. For example, a name or UID. See Also: DID.


A somewhat nebulous term, defined in different ways by different people. Broadly: who or what an entity is.

Identity, Decentralized

Identity that is not controlled by a central server. Also, “Self-Sovereign Identity”.


A cryptographic secret used to encrypt or decrypt data. See Also: Key Recovery, PKI, Wallets.

Key Recovery

A methodology for recovery a private key that has been lost.


The formatting used on GitHub (and by programmers).


Means for protecting information and minimizing its disclosure.


Public-Key Infrastructure. A methodology to ensure the creation, storage, distribution, and revocation of public keys. See Also: Keys.


A system for measuring the behavior of entities.

Self-Sovereign Identity

*Identity controlled by the user. See “The Path to Self-Sovereign Identity” for its origination. See papers under Identity, Decentralized


A means for verifying the authenticity of a message or transaction by signing it with a private key.

Social Networks

An online service that supports the creation of relationships between individuals and the sharing of information among these entities.


RWOT events have sometimes produced software prototypes.


Thoughtful postulations that suppose how things work.

Threat Models

Ways that things could go wrong.

Use Cases

Explorations of situations where the Web of Trust could be used.

Verifiable Credentials

A tamper-evident set of claims about the same entity.

Verifiers & Verification

The act of proving the accuracy of something.


A digital means to store private keys and their associated public keys.

Web of Trust

A method for assessing trust based on peer-to-peer processes.