W3C home > Mailing lists > Public > public-rdf-wg@w3.org > June 2011

Re: Need for a canonical byte stream for an RDF graph

From: Steve Harris <steve.harris@garlik.com>
Date: Thu, 30 Jun 2011 12:49:24 +0100
Cc: public-rdf-wg@w3.org
Message-Id: <E260CAD6-6A5E-48B8-91BC-47BF3F3F04D5@garlik.com>
To: Jeremy Carroll <jeremy@topquadrant.com>
On 2011-06-30, at 12:45, Jeremy Carroll wrote:

> On 6/30/2011 4:31 AM, Steve Harris wrote:
>> 
>> I don't quite follow the logic there. I would expect it would be easier to bring about a denial of service if C14N is required? You could just send hard-to-canonicalise data (e.g. very deep tree, which requires rearrangement), with a bogus signature.
> 
> To try and rephrase the logic.
> 
> 1. Engineering the system so that verifying the signature of the byte stream suffices is a good solution.
> 2. If the use case genuinely requires verifying that some portion of a triple store was signed by some person at some point in the past, then (1) is impossible, because "some portion of a triple store" is not a byte steam and can only be compared with one using GI.
> 3. Using a technique such as in my paper, or Andy's technique of keeping the skolem IDs of all the bnodes around, and in some fashion avoiding collisions in Skolem IDs, reduces the GI problem to one that is N.log N.
> 
> 4. Without such a 'clever' technique, use cases such as in (2) are open to poison attacks.

OK, that makes sense to me.

- Steve

-- 
Steve Harris, CTO, Garlik Limited
1-3 Halford Road, Richmond, TW10 6AW, UK
+44 20 8439 8203  http://www.garlik.com/
Registered in England and Wales 535 7233 VAT # 849 0517 11
Registered office: Thames House, Portsmouth Road, Esher, Surrey, KT10 9AD
Received on Thursday, 30 June 2011 11:50:04 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 16:25:44 GMT