Hi! I think, IPNS can be used to build a web of trust. Trusting the code in most cases is trusting the project maintainer or (the better) a team of maintainers. But if we talk about trusting web services in a peer-to-peer network — that’s another story as we can’t check which code runs on a particular node that provides the service. However, the project maintainer could potentially point out which nodes are authorized — i.e. which nodes does he/she trust to run the code on behalf of him/her (and the whole project). That’s like the classical web hosting: the project maintainer selects a hosting provider to run the application. But it’s not like the classical web hosting as a) the hosting providers are nodes on a peer-to-peer network, b) a number of providers can be authorized, c) no DNS is needed, d) the trusting relationships are explicit and automatically verifiable.
For more information, please, take a look at A preliminary discussion of the “Workswap” protocol .