How do you link Verifiable Credentials to a human?

I think that's what PGP's web of trust was out to solve. I still think it's a pretty clever idea, but it requires one universal standard and a more user friendly implementation...