On Sat, 15 Jun 1996, Vipul Ved Prakash wrote:
a pretty good detour.
by what i understand pgp's "web of trust" scheme has flaws. according to pgp (alice trusts jane, jane trusts snoopy, bob trusts alice) implies bob trusts snoopy. this means that alice trusts jane to the extent, that if jane trusts a third person, then a fourth person who trusts alice automatically trusts that third person. deducing such results from a simple shades of trust system cannot lead to a reliable web of trust. thats common sense.
what is required is a reputation system wherein trust is _qualified_ rather than _quantified_. its senseless to say i trust him five units. it will be more appropriate if pgp has a separate tag for "type of trust" or something like that.
Concur. I suggested this kind of taging of signatures coupled with specific yes/no questions from pgp to narrow down the meaning and scope of trust extended by a given signature.
this kind of thing can be difficult to handle, since it a fuzzy parameter. add to the problem a global-system like internet where all communication is not person to person. i was wondering if there are any working mathematical models for reputation systems, and how successful they are.
vipul ved prakash
--- My preferred and soon to be permanent e-mail address:unicorn@schloss.li "In fact, had Bancroft not existed, potestas scientiae in usu est Franklin might have had to invent him." in nihilum nil posse reverti 00B9289C28DC0E55 E16D5378B81E1C96 - Finger for Current Key Information Opp. Counsel: For all your expert testimony needs: jimbell@pacifier.com