a pretty good detour. by what i understand pgp's "web of trust" scheme has flaws. according to pgp (alice trusts jane, jane trusts snoopy, bob trusts alice) implies bob trusts snoopy. this means that alice trusts jane to the extent, that if jane trusts a third person, then a fourth person who trusts alice automatically trusts that third person. deducing such results from a simple shades of trust system cannot lead to a reliable web of trust. thats common sense. what is required is a reputation system wherein trust is _qualified_ rather than _quantified_. its senseless to say i trust him five units. it will be more appropriate if pgp has a separate tag for "type of trust" or something like that. this kind of thing can be difficult to handle, since it a fuzzy parameter. add to the problem a global-system like internet where all communication is not person to person. i was wondering if there are any working mathematical models for reputation systems, and how successful they are. vipul ved prakash