Identities, trust, and work
As part of thinking about 'web of trust' systems, I've recently come to think that there are effectively two sorts of identities on the Internet. For lack of a better terminology I will call these 'internal' and 'external'.
An external identity is an identity that is linked to something in the outside Internet world. In one sense, the identity exists to assert that a single person is behind a series of work: that this new work comes from the same person as the previous work. 'Trust' for such an identity within your identity system is essentially meaningless; people don't care that Linus Torvalds' GPG key has lots of signatures, they care that it continues to sign Linux kernel releases and that the 'Linus Torvalds' on kernel mailing lists doesn't denounce it as forged and so on. The work done in the name of the identity is its proof and source of trust.
An internal identity is an identity without this property. Its only significant existence is within your identity system and it is otherwise free-floating, not tied to something else out on the Internet that people care about or look at. Trust for these identities is necessarily created within your identity system because there is nothing else to do it; there is nothing significant on the Internet to say 'yes, this is my identity'.
Internal identities are necessarily much more vulnerable than external identities because there is nothing else there; your identity system is it.
Man-in-the-middle attacks are possible on unsupported external identities in situations where you can actually do two-way impersonation and keep it up. When it comes to personal identities I think that this is rare. Other sorts of identities are much more attackable this way and so need stronger internal support from your identity system; here the 'trust' your identity system needs to create is that you are talking to the real thing, not an impostor in the middle.
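The external-identity argument above (the key's proof is the series of releases it keeps signing, not how many signatures the key itself carries) can be written down as a key-continuity check. The following is an added example, not code from the original post: it tracks, for one identity, which key has been signing its work, accepts a new key only when the old key signed a rotation statement, and reports a mismatch otherwise, which is also what an impostor signing in the identity's name would look like when they cannot keep up the two-way impersonation of the last paragraph. Signature verification is assumed to have happened upstream, so each release carries only the fingerprint of the key that verified it; the key names, release names and `fingerprint` helper are constructed for the example.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Optional


def fingerprint(public_key: bytes) -> str:
    """Short SHA-256 fingerprint of a public key (constructed helper)."""
    return hashlib.sha256(public_key).hexdigest()[:16]


@dataclass
class SignedRelease:
    """A piece of work plus the fingerprint of the key whose signature on it
    has already been verified upstream (assumption: verification is not
    modelled here)."""
    name: str
    signer: str


@dataclass
class KeyRotation:
    """A statement 'my new key is NEW', plus the fingerprint of the key that
    signed the statement. Only a statement signed by the old key counts."""
    old: str
    new: str
    signed_by: str


@dataclass
class IdentityHistory:
    """Continuity record for one external identity: the trust it has is the
    run of work signed by its current key, not endorsements of the key."""
    current_key: Optional[str] = None
    releases_by_current_key: int = 0
    pending_rotations: Dict[str, str] = field(default_factory=dict)

    def note_rotation(self, rot: KeyRotation) -> bool:
        """Accept a rotation only if the key we already trust signed it."""
        if rot.signed_by != rot.old or rot.old != self.current_key:
            return False
        self.pending_rotations[rot.old] = rot.new
        return True

    def check(self, rel: SignedRelease) -> str:
        """Classify a new release against the identity's signing history."""
        if self.current_key is None:
            # Trust on first use: nothing to compare against yet.
            self.current_key = rel.signer
            self.releases_by_current_key = 1
            return "first-use"
        if rel.signer == self.current_key:
            self.releases_by_current_key += 1
            return "continuous"
        if self.pending_rotations.get(self.current_key) == rel.signer:
            # The old key announced this new key, so continuity is preserved.
            self.current_key = rel.signer
            self.releases_by_current_key = 1
            self.pending_rotations.clear()
            return "rotated"
        # A different key with no rotation from the trusted one: the work
        # does not continue the series, whatever the new key's endorsements.
        return "key-mismatch"


def demo() -> dict:
    """Run a constructed release history through the continuity check."""
    key_a = fingerprint(b"constructed-key-A")
    key_b = fingerprint(b"constructed-key-B")
    key_m = fingerprint(b"constructed-key-mallory")
    hist = IdentityHistory()
    verdicts: List[str] = []
    rotations: List[bool] = []

    verdicts.append(hist.check(SignedRelease("v1", key_a)))
    verdicts.append(hist.check(SignedRelease("v2", key_a)))
    # Someone else signs in the identity's name without a rotation.
    verdicts.append(hist.check(SignedRelease("v3", key_m)))
    # A rotation statement not signed by the trusted key is ignored ...
    rotations.append(hist.note_rotation(KeyRotation(key_a, key_b, key_m)))
    # ... while one signed by the trusted key is accepted.
    rotations.append(hist.note_rotation(KeyRotation(key_a, key_b, key_a)))
    verdicts.append(hist.check(SignedRelease("v4", key_b)))
    verdicts.append(hist.check(SignedRelease("v5", key_b)))

    return {
        "verdicts": verdicts,
        "rotations": rotations,
        "current_key": hist.current_key,
        "work_under_current_key": hist.releases_by_current_key,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of the design is where trust comes from: `releases_by_current_key` grows only with work actually signed, and a key that arrives with no rotation from the trusted one is reported as `key-mismatch` regardless of anything the identity system might say about that key.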