W3C home > Mailing lists > Public > public-credentials@w3.org > December 2014

Re: New JSON-LD digital signature library for Javascript (browsers and node.js)

From: Dave Longley <dlongley@digitalbazaar.com>
Date: Tue, 09 Dec 2014 16:44:12 -0500
Message-ID: <54876D2C.9080001@digitalbazaar.com>
To: public-credentials@w3.org
On 12/09/2014 03:55 PM, Melvin Carvalho wrote:
> sure, I dont see any problem cases, maybe when an object is a bnode perhaps

Actually, this is exactly the case I'm thinking of. I don't see how this
works when there are other blank nodes involved; how do you assign them
names? (It's repeat of the problem that is solved by the normalization
algorithm itself).

> having an ID is useful on the web, ni is even more useful as it can be
> dereferenced in a decentralized way

Sure, I didn't mean to say having an ID isn't useful. I'm just saying
that if the hash isn't meaningful, why bother with "ni" .. why not just
do UUID or whatever else that involves a much simpler implementation?

> Same way it's generated but remove the @id first.
> Verification:
> 1. remove @id
> 2. normalize
> 3. get sha256
> 4. compare hashes

This only works if there are no blank nodes in the object position. I'd
prefer to see an algorithm that works generally ... especially since
this algorithm is about dealing with blank nodes. Saying it will only
work when there's just one involved in the dataset seems quite limited.

Dave Longley
Digital Bazaar, Inc.
Received on Tuesday, 9 December 2014 21:44:35 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:21 UTC