
Re: rsa ontology in cert namespace

From: Mo McRoberts <mo.mcroberts@bbc.co.uk>
Date: Tue, 22 Nov 2011 17:39:33 +0000
Cc: Tim Berners-Lee <timbl@w3.org>, WebID XG <public-xg-webid@w3.org>
Message-Id: <61D0DE40-3FB6-40BB-8911-0834349444B2@bbc.co.uk>
To: Henry Story <henry.story@bblfish.net>

On 22 Nov 2011, at 15:30, Henry Story wrote:

> I think the proof of the pudding is going to be what kind of definition we come up with for those relations and just how convoluted they are going to be. Well it looks like the only overlap is with cert:modulus. So it could be defined as:
> 
> cert:modulus rdfs:label "RSA or DSA key public modulus"@en;
>  vs:term_status "unstable";
>  rdfs:comment """
>      The number known as the modulus in either an RSA Key or a DSA Key
>   """@en;
>  rdfs:domain :RSAPublicKey, :DSAPublicKey;
>  rdfs:range xsd:hexBinary, xsd:base64Binary .
> 
> Notice that here we have to choose to either use a binary to represent the modulus or an integer type. The binary makes sense for the rsa public modulus, which is usually a very big number. But I am not sure if the DSA modulus is also a big number in the same way. It would be pure luck if it were.
> 
> Now with respect to the other DSA fields should those be xsd:integer or xsd:hexBinary (or base64Binary)? The way we have decided in the case of the rsa exponent is that there it is usually a small number, and (therefore?) that it is usually shown as an integer in base10 notation.

I would, to be honest, allow both ASCII-integer and encoded-binary formats for everything, although presumably this might cause problems in comparisons?

The reality is that these are all defined as 'arbitrary-precision unsigned integers', and by my reading of xsd-datatypes, xsd:integer can hold integers of *any* length (unlike xsd:long, xsd:int, etc.), represented in base 10. There's no fundamental reason why people shouldn't be allowed to write out the modulus and exponent in base-10 if they want to, other than it not being as compact as hex due to the digit-space.

> Do things get nasty were we then to add Elliptic Curve Cryptography?

From skimming the spec, I don't believe so, though it'll certainly need a few more properties being defined (and not all of them integers).

M.

-- 
Mo McRoberts - Technical Lead - The Space,
0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
Project Office: Room 7083, BBC Television Centre, London W12 7RJ
Received on Tuesday, 22 November 2011 17:39:58 GMT
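
Added example, not part of the original message or of any WebID code: one way a verifier could avoid the comparison problem raised above is to map each typed literal to the unsigned integer it denotes and compare values rather than lexical forms. The function names, the lenient whitespace handling and the sample values are assumptions made for this illustration.

```python
import base64
import binascii

XSD = "http://www.w3.org/2001/XMLSchema#"


def literal_to_int(lexical: str, datatype: str) -> int:
    """Return the unsigned integer denoted by an xsd:integer, xsd:hexBinary
    or xsd:base64Binary literal. Raises ValueError on anything else."""
    # Assumption: long values may be wrapped across lines, so drop whitespace.
    text = "".join(lexical.split())
    if datatype == XSD + "integer":
        # Key components are unsigned, so signs are rejected along with junk.
        if not (text.isascii() and text.isdigit()):
            raise ValueError("not an unsigned base-10 integer")
        return int(text)
    if datatype == XSD + "hexBinary":
        raw = binascii.unhexlify(text)  # binascii.Error is a ValueError
    elif datatype == XSD + "base64Binary":
        raw = base64.b64decode(text, validate=True)
    else:
        raise ValueError("unsupported datatype: " + datatype)
    if not raw:
        raise ValueError("empty binary value")
    # Big-endian; a leading 0x00 sign byte (common in DER dumps) has no effect.
    return int.from_bytes(raw, "big")


def same_number(a, b) -> bool:
    """Compare two (lexical, datatype) literals by value, not by spelling."""
    return literal_to_int(*a) == literal_to_int(*b)


if __name__ == "__main__":
    # Constructed sample: the common RSA public exponent in four spellings.
    spellings = [
        ("65537", XSD + "integer"),
        ("010001", XSD + "hexBinary"),
        ("00 01 00 01", XSD + "hexBinary"),
        ("AQAB", XSD + "base64Binary"),
    ]
    for lit in spellings:
        print(lit[0], "->", literal_to_int(*lit),
              "equal to first:", same_number(spellings[0], lit))
```
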
