@clacke SPKI and SDSI were two complimentary standards that were being worked on for how to do key exchange and trust. It hit most of the right points: web of trust, basically you'd exchange certificates through a petnames system, invented the "canonical s-expressions" data format, no central authority model.

Unfortunately it didn't take off; Netscape bundled CAs inside their product to expedite things (despite warning from TLS community) and the CA problems we have stem from that decision.