Any ‘root of authority’ is actually a reverse proxy of someone else’s web of trust.

The similar statement "Any root of authority is someone else’s web of trust" can be understood by drawing an analogy to how trust works in network security, especially in the context of a reverse proxy.

In a security context, a root of authority refers to a trusted entity, like a certificate authority (CA), that vouches for the authenticity of certificates. This authority is trusted by all systems that recognize it as a valid source. However, that "root of authority" only holds power because others trust it—it’s part of a larger web of trust. The web of trust is a network of relationships, where trust is established based on the recognition and endorsement of that root authority by other entities.

To break this down:
- A reverse proxy may act as an intermediary between clients and backend servers, managing SSL certificates and establishing encrypted connections. For this process to work, clients must trust the certificates presented by the reverse proxy.
- Those certificates are trusted only because they are issued by a certificate authority (the root of authority), and the client’s browser or operating system inherently trusts that CA.
- The web of trust refers to the broader network of entities that recognize the root CA as authoritative. The CA’s power (authority) comes not from itself, but from being trusted by numerous systems and individuals.

In a broader sense, this means that any entity considered a root of authority, whether in a technical or organizational context, only has that status because it is embedded in and supported by a broader network of trust and relationships. Without that web of trust, the root of authority wouldn’t have its power or legitimacy.