W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2011

Re: WebID-ISSUE-11 (bblfish): define an inverse of cert:identity [ontologies]

From: Henry Story <henry.story@bblfish.net>
Date: Sun, 30 Jan 2011 10:03:21 +0100
Cc: nathan <nathan@webr3.org>
Message-Id: <2BACD2D6-AE09-494C-A69C-620B05294096@bblfish.net>
To: WebID Incubator Group WG <public-xg-webid@w3.org>

On 30 Jan 2011, at 03:36, Nathan wrote:

> WebID Incubator Group Issue Tracker wrote:
>> WebID-ISSUE-11 (bblfish): define an inverse of cert:identity [ontologies]
>> A proposal for a definition of a relation from the agent to the public key that is the inverse of cert:identity. 
> 
> Is this under the scope of the WebID XG?

Definitively. A full careful review of the ontologies is under the scope, as well
as clean up of the ontology, or extension of it. We should also produce an html 
version of it.

> 
>> ... It seems like it should be more natural to have a relation from an agent to a number of his public keys.
>> ...
>> [] a rsa:RSAPublicKey;
>>    rsa:modulus 34958345...;
>>    rsa:public_exponent 55000;
>>    cert:identity :me .
>> Whereas it could be done more nicely with
>> :me cert:publicKey [  rsa:modulus 123123123...;
>> ...
>> It is true that in rdfa one can use the rel="inverse" construct to get the same effect.
> 
> do you mean @rev ?

yes, thanks.

> 
>> The definition would look something like this
>>   rdfs:domain foaf:Agent;
> 
> Is there any need to define the domain? it's only constraining uses of the ontologies for no good reason, any agent using the property will already be well defined as an agent, and inferably so by several other properties.

Well it helps understanding. One should not constrain an ontology an ontology unduly,
but my argument was that the type of thing that is the reference of an x509 SAN has to
be something that can keep a public/private key, and interact with a browser. That is
one argument that it has to have agential features.

We should perhaps also simply look at the x509 semantics more clearly and see what they
mean by a subject. 

> 
>> The cert:identity relation could be deprecated.
> 
> Any reason to deprecate? it's just a named inverseOf and does have use cases, perhaps just document that in x scenarios cert:publicKey is simpler to use.

Reasons to deprecate may just be that it makes the initial WebID implementations more complex
than they need be fore implementations that don't have reasoning engines. 

> 
>> What should the relation be called. Something shorter probably.
> 
> unsure, also unsure how important the lexical form of the uri is, publicKey seems to indicate the correct relation though, just make sure the range is clear as to whether a hex string, formatted key, or logic hooks are expected.

Currently the public key is a cryptographic object, that in the case of RSA is defined
uniquely by two properties.

Ok, so this is a minor ontology change. We should probably look at the whole
ontology more carefully. There are a number of ontology issues I can think
of that we have or soon will have, enough experience to answer.

Henry

> 
> Best,
> 
> Nathan
> 

Social Web Architect
http://bblfish.net/
Received on Sunday, 30 January 2011 09:03:58 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 30 January 2011 09:03:58 GMT