Kuro5hin.org was an attempt to build a community. It recently broke
down because of a failure to develop an efficient system which was
able to validate that each user who signedup was, in fact, a real
person. A sponsorship system would make sense, but can break down
quickly if three people get together and start sponsoring robots.
PGP's web of trust can suffer from a similar problem.
The UI, platform and features that community applications like Orkut
and Friendster support is, actually, very applicable to maintaining a
Web of Trust.
Analogy from Orkut:
First, you create a new identity (PGP key), put your name and your
email address into it. You then add "friends" to your network by
inviting them. Your invitation is a message with an uploaded picture
(security measure), and an email address. Their acceptance
(signature) puts your id (public key) in their database.
Any time someone accepts you as a friend, they are, essentially,
"signing" your key. And when they rank you as "trustworthy", they are
rating their level of trust in you. You can then view the "network".
The ability to rate your trust levels in various people, and the
ability to group your relationships into friends, business associates,
etc. are useful. For example, you may trust someone to sign a key for
certain uses but not for others. By coming up with a rating/rankings
system that works for most people, and is readily configurable and
understandable, it is possible to create a true "Web of Trust" that is
applicable not only for identity, but for all manner of transactions.
Ultimately, a great Web of Trust user interface could look something
like Orkut, except it would be hosted locally and would be a P2P
application. Thus it would not require any centralized authority,
such as Google, to maintain.
It certainly would make PGP popular to tie it to a P2P
community-building application.