It remains challenging to realize well-rounded security in IoT forensics applications as widely used resource-constrained IoT devices cannot afford many proven technologies like blockchain. Thus, security solutions are often developed in a heuristic and empirical way that leads to residual security flaws or risks. Fortunately, the concept of 'trust' provides a promising methodology. Trust is a finite set of goals which are definable, verifiable and customizable. A lightweight security solution accommodating constrained IoT devices can be derived by identifying a minimum set of trust goals and developing lightweight protocols for them. This paper exemplifies a trust model for IoT forensics applications with formal proof and detailed evaluation. Trust goals are grouped into three trust levels according to the spatial-and-temporal span, i.e. evidence-, device-and system-level trust, which then aggregate into two trust schemes, i.e. EDTrust and EDSTrust. Formal proof confirms their validity, and performance evaluation reveals their resource-efficiency compared with existing IoT forensics schemes.