- From: Henry Story <henry.story@bblfish.net>
- Date: Sun, 17 Jan 2016 12:55:09 +0000
- To: Web Payments <public-webpayments@w3.org>
I was looking at the Linked Data Signatures document https://web-payments.org/specs/source/ld-signatures/ I am not sure if this is the right list to discuss this.

I am really keen to have something like this work, and I like most of it off the bat. But looking a bit closer I noticed what I think is a serious error that has an easy fix though. The mistake is to put the signature *inside* the graph. Take example 1:

    {
      "@context": "https://w3id.org/identity/v1",
      "title": "Hello World!",
      "signature": {
        "type": "LinkedDataSignature2015",
        "creator": "http://example.com/i/pat/keys/5",
        "created": "2011-09-23T20:21:34Z",
        "domain": "example.org",
        "nonce": "2bbgh3dgjg2302d-d2b3gi423d42",
        "signatureValue": "OGQzNGVkMzVm4NTIyZTkZDYMmMzQzNmExMgoYzI43Q3ODIyOWM32NjI="
      }
    }

In short: Signatures should be external to the graph, since that is the object of the signature. By placing it inside the graph as above the problem is

1. the algorithm needs to remove elements from the signed graph
2. The algorithm won't be able to cope with alignment of ontologies, such as a different relation being discovered to be owl:sameAs the :signature relation above. If another such widely used vocabulary is found, or perhaps even if the current vocabulary is extended, then the signature verification systems won't necessarily understand that those relations need to be removed too.

It is much better to put the signature outside of the graph. Then

1. The algorithm won't need to contain any condition about removing any relation, which will be a lot better for large graphs, and speed up verification.
2. New relations could be found or the vocabulary could be extended without changing the signature verification algorithm.

Another way to think of this is that a named graph can always be mapped to a literal. (This is why one can think of named graphs as already implicitly contained in RDF/XML.) Signing documents is always external to the document in those circumstances.

Henry Story
Received on Sunday, 17 January 2016 12:55:41 UTC
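As an added illustration of the argument in the message above (this is example code written for this page, not code from the Linked Data Signatures spec or from the thread), the following Python models a graph as a set of triples and contrasts the two designs. Sorted N-Triples-style lines stand in for RDF dataset normalization, HMAC-SHA256 with a shared key stands in for the public-key signature, and the document IRI, the sample title triple and the `ex:sig` alias predicate are all constructed for the example. The internal verifier has to locate the signature through predicates it knows and strip every signature-related triple before re-hashing; once a downstream system adds an aliased relation the old verifier has never heard of, verification fails even though the data is intact. The external verifier has no removal step at all, because the graph it receives is exactly the graph that was signed.

```python
import hashlib
import hmac

# Predicates. SEC_* are the security vocabulary terms the spec's context maps
# "signature" / "signatureValue" to. EX_SIG is a hypothetical alias that some
# other vocabulary later declares owl:sameAs sec:signature (constructed here).
SEC_SIG = "https://w3id.org/security#signature"
SEC_VAL = "https://w3id.org/security#signatureValue"
EX_SIG = "http://example.org/vocab#sig"
TITLE = "http://purl.org/dc/terms/title"

# Constructed sample: the "Hello World!" document as a single triple.
DOC = "http://example.org/doc/1"
HELLO = frozenset({(DOC, TITLE, '"Hello World!"')})
KEY = b"shared-secret-for-illustration-only"   # stands in for a signing key


def canonicalize(graph):
    """Deterministic bytes for a triple set: sorted N-Triples-like lines.
    Stand-in for the RDF dataset normalization a real verifier would run."""
    return "\n".join(sorted(f"<{s}> <{p}> {o} ." for s, p, o in graph)).encode()


def mac(key, data):
    """HMAC-SHA256 hex digest, standing in for the public-key signature."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


# ---- Internal design: signature triples are added to the signed graph ----

def sign_internal(graph, key, sig_pred=SEC_SIG):
    value = mac(key, canonicalize(graph))
    # The signature becomes part of the graph it signs, hanging off blank node _:sig.
    return frozenset(graph) | {(DOC, sig_pred, "_:sig"), ("_:sig", SEC_VAL, f'"{value}"')}


def verify_internal(graph, key, sig_preds=frozenset({SEC_SIG})):
    """The verifier must (1) find the signature via a predicate it knows and
    (2) remove every triple that is signature data before re-hashing. Any
    signature-related relation it does not know stays in the body."""
    sig_nodes = {o for _, p, o in graph if p in sig_preds}
    values = [o.strip('"') for s, p, o in graph if s in sig_nodes and p == SEC_VAL]
    if len(values) != 1:
        return False
    body = {t for t in graph if t[1] not in sig_preds and t[0] not in sig_nodes}
    return hmac.compare_digest(mac(key, canonicalize(body)), values[0])


# ---- External design: the signature envelope names the graph, never joins it ----

def sign_external(graph, key):
    return {"type": "LinkedDataSignature2015", "target": DOC,
            "signatureValue": mac(key, canonicalize(graph))}


def verify_external(graph, envelope, key):
    """No removal step: the graph that arrives is exactly the graph that was signed."""
    return hmac.compare_digest(mac(key, canonicalize(graph)), envelope["signatureValue"])


def demo():
    signed = sign_internal(HELLO, KEY)
    # A downstream system that knows ex:sig owl:sameAs sec:signature adds the
    # aliased relation, so the graph now carries signature data under two names.
    aliased = signed | {(DOC, EX_SIG, "_:sig")}
    envelope = sign_external(HELLO, KEY)
    tampered = frozenset({(DOC, TITLE, '"Goodbye"')})
    return {
        "internal_ok": verify_internal(signed, KEY),
        "internal_alias_old_verifier": verify_internal(aliased, KEY),
        "internal_alias_updated_verifier": verify_internal(
            aliased, KEY, frozenset({SEC_SIG, EX_SIG})),
        "external_ok": verify_external(HELLO, envelope, KEY),
        "external_tampered": verify_external(tampered, envelope, KEY),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Note that the only way to make the old internal verifier accept the aliased graph is to teach it the new predicate, which is exactly the coupling between vocabulary and verification algorithm the message objects to; the external verifier needs no such update because it never inspects predicates at all.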