What is a trust model in the context of digital certificates?

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

What is a trust model in the context of digital certificates?

Explanation:
A trust model is the framework that defines how an application decides whether a digital certificate can be trusted. It specifies which certificate authorities (trust anchors) are trusted, how certificate chains are built and validated, and what checks and policies must be satisfied (such as chain validation up to a trusted root, signature verification, expiration, revocation status, and host name matching). In practice, software typically ships with a set of root certificates; when a TLS connection is made, the presented certificate is validated against those roots to determine legitimacy. If the chain cannot be anchored to a trusted root or revocation/status checks fail, the certificate is not trusted. Different trust models (like hierarchical PKI versus other architectures) define how trust is distributed and maintained. This is why the correct answer describes how applications decide on the legitimacy of a digital certificate.

