Re: Signature in Wrong Position

> On 17 Jan 2016, at 20:38, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> 
> 
> 
> On 17 January 2016 at 13:55, Henry Story <henry.story@bblfish.net <mailto:henry.story@bblfish.net>> wrote:
> I was looking at the Linked Data Signatures document
> 
>   https://web-payments.org/specs/source/ld-signatures/ <https://web-payments.org/specs/source/ld-signatures/>
> 
> I am not sure if this is the right list to discuss this.
> 
> I am really keen to have something like this to work, and I like
> most of it off the bat. But looking a bit closer I noticed what
> I think is a serious error that has an easy fix though.
> 
> The mistake is to put the signature *inside* the graph.
> Take example 1:
> 
> {
>   "@context": "https://w3id.org/identity/v1 <https://w3id.org/identity/v1>",
>   "title": "Hello World!",
>   "signature": {
>     "type": "LinkedDataSignature2015",
>     "creator": "http://example.com/i/pat/keys/5 <http://example.com/i/pat/keys/5>",
>     "created": "2011-09-23T20:21:34Z",
>     "domain": "example.org <http://example.org/>",
>     "nonce": "2bbgh3dgjg2302d-d2b3gi423d42",
>     "signatureValue": "OGQzNGVkMzVm4NTIyZTkZDYMmMzQzNmExMgoYzI43Q3ODIyOWM32NjI="
>   }
> }
> 
> In short: Signatures should be external to the graph, since that is the object
> of the signature. By placing it inside the graph as above the problem is
> 
> 1. the algorithm needs to remove elements from the signed graph
> 2. The algorithm won't be able to cope with alignement of ontologies such as
>   a different relation being discovered to be owl:sameAs the :signature
>   relation above. If another such widely used vocabulary is found, or perhaps even
>   if the current vocabulary is extended then the signature verification systems won't
>   necessarily be able to understand to remove those relations too.
> 
> It is much better to put the signature outside of the graph. Then
> 
> 1. The algorithm won't need to contain any condition about removing any relation
> which will be a lot better for large graphs, and speed up verification.
> 2. New relations could be found or the vocabulary could be extended without changing
> the signature verification algorithm.
> 
> Another way to think of this is that a named graph can always be mapped to a literal.
> ( This is why one can think of named graphs as already implicitly contained in RDF/XML )
> Signing documents is always external to the document in those circumstances.
> 
> I think it depends on the use case.
> 
> For LinkedDataSignature2015 the use case is so sign a canonical form of a graph pointed to by a subject.
> 
> You could also imagine another algorithm that signed named graphs, I dont think the two are mutually exclusive.

There should be no difference in the use cases.

> Each system has pros and cons, but if you canonicalize things well, the problem goes away, I think.  I think the way things are done currently reduces complexity, which in turn, increases adoption.  
> 
> For example, looking at your webid, you have a key in there, but it is unnamed ie a blank node.  This makes it impossible to do signing.  That is one of the reasons that work on WebID and work on web signatures diverged. 

You mean you can't refer to the key from outside the graph with a URI because it is a blank node? True, but that's not a problem for 
signatures. You can for example add the public key in the signature.

{
  "@context": "https://w3id.org/identity/v1",
  "title": "Hello World!",
  "signature": {
    "type": "LinkedDataSignature2015",
    "creator": { "cert:modulus": "DAB9D1E941F6F8...",
                      "cert:exponent": 65537 }                
    "created": "2011-09-23T20:21:34Z",
    "domain": "example.org",
    "nonce": "2bbgh3dgjg2302d-d2b3gi423d42",
    "signatureValue": "OGQzNGVkMzVm4NTIyZTkZDYMmMzQzNmExMgoYzI43Q3ODIyOWM32NjI="
  }
}

Anyway, that's neither here nor there. The question was one of where signatures should go: inside the graph or outside. One can
put the signature outside the graph with keys too, just as one can if one uses URIs to identify the key. 

This is not something that affects any use cases. It's a question of simplicity of algorithms.
It was pointed out in private conversation that the reason that this decision may have been made is because the other
way around is less easy for beginner coders to get right for some reason. 

My Json-LD is not so good. In N3 ( https://www.w3.org/2000/10/swap/Primer <https://www.w3.org/2000/10/swap/Primer> ) 
What would it look like with the signature outside of the graph? 


> The convenience of using (which actually you argued for, and manu and others argued against) bnodes comes at a cost.  The cost in this case was to have two different communities working on liked data PKI solutions, neither with really a lot of resources.  So bear in mind there's always a trade off between convenience, utility and generalization.

WebID does not disallow URIs for keys, as should be clear from reading the spec, and just from basic RDF principles. That point
was made a few times on the webid mailing list.

> 
> Not sure it would be correct to argue this is an error, simply a design decision.  
> 
> Work on signing other structures I think is also welcome, but maybe there's not (yet) enough use cases?
>  
> 
> Henry Story
> 
> 
> 
> 

Received on Sunday, 17 January 2016 21:45:15 UTC