W3C home > Mailing lists > Public > public-xg-webid@w3.org > February 2011

Re: WebID-ISSUE-46: Signing the profile document [research]

From: Henry Story <henry.story@bblfish.net>
Date: Tue, 22 Feb 2011 14:32:06 +0100
Message-Id: <C398D434-7DE7-4B37-9F01-DC120D54D49E@bblfish.net>
To: WebID Incubator Group WG <public-xg-webid@w3.org>

On 22 Feb 2011, at 14:18, WebID Incubator Group Issue Tracker wrote:

> 
> WebID-ISSUE-46: Signing the profile document [research]
> 
> http://www.w3.org/2005/Incubator/webid/track/issues/46
> 
> Raised by: Henry Story
> On product: research
> 
> 
> - What use cases would it solve?

Is it to solve the case where one does not trust the web server? Then one has a complicated battle ahead, since it could change the document and the signature at any moment, create a redirect, ...

> - How would one sign documents?

Since we are trying to work semantically, being able to sign graphs would be very handy.
Jeremy Caroll has a paper on this:

   http://www.hpl.hp.com/techreports/2003/HPL-2003-142.html

If one could put the signature inside the graph, that would allow one to sign rdfa, json, rdf/xml graphs simultanously. Otherwise how do other formats work with web browsers?

On the other hand many other technologies exist. 

> - How complicated would it be to put in place?

Just the answer to the previous question indicates it is not going to be easy to come to a consensus.

> 
> - Can one start without signature, and then add information to add signatures later on? Or does one have to find a way of stating that initially?

That is the main question to get an answer to. What does one need in the system in order to allow further cryptography to enter over time? Nothing, would be the best answer.

> 
> 
> 

Social Web Architect
http://bblfish.net/
Received on Tuesday, 22 February 2011 13:32:44 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:22 UTC