PGP
Pretty Good Privacy (PGP) is a cryptographic communications protocol designed for signing and encrypting data, especially email.
PGP was a commercial program whose protocol was standardized as OpenPGP. GPG is the predominant modern implementation.
Design
A public-private keypair is generated ahead of time, and the public key is made widely available.
A sender generates a new, random key and encrypts a private message with it. They then also encrypt the random key with the intended recipient's widely-available public key. Even though the message exchange occurs publicly, only the intended recipient can decrypt the random key, and thereby decrypt the private message.
A sender signs an authenticated message using their private key. Any number of recipients can validate the signature against the widely-available public key, proving that the message was written by the sender. Validation could also fail if the authenticated message is corrupted or manipulated in any way that does not cause a collision in the hashing function. In this way, signing also proves validity of the authenticated message.
Individual users can access others' widely-available public keys and sign them with their own private keys. These signed keys can be authenticated and validated just like messages, to indicate that it is trusted. These signed keys can be further signed, leading to a encapsulation of public keys by all of the individual users that individually trust the public key. In this manner, a web of trust can be established on the basis of public keys.
Applications can then tap into the web of trust. The direct user holds ultimate trust in themselves. Any keys that were signed by the direct user hold direct trust. Any keys that were signed by a directly trusted user hold indirect trust by 1 degree of separation. And so on to n degrees of separation. An arbitrary threshold of trust can be set; perhaps anyone with any degree of indirect trust passes for communication services, and perhaps three lines of direct trust are required for validating software packages downloaded from the internet.
A user can retire their public-private keypair by generating a new pair and using the old private key a final time, to sign the new public key. This establishes direct trust from the old key to the new key, which is sufficient in most cases.
A user can expire a compromised keypair. First by generating a new keypair and distributing the new public key in place of the old one. Secondly by revoking the old public key using the old private key.