W3C home > Mailing lists > Public > public-xg-webid@w3.org > November 2011

Re: include privat ekeys Re: rsa ontology in cert namespace

From: Mo McRoberts <mo.mcroberts@bbc.co.uk>
Date: Fri, 25 Nov 2011 10:53:09 +0000
Cc: Peter Williams <home_pw@msn.com>, "public-xg-webid@w3.org" <public-xg-webid@w3.org>
Message-Id: <8835694D-8564-4B6C-92C7-8A4B5955336A@bbc.co.uk>
To: Mischa Tuffield <mischa@mmt.me.uk>

> Sure canonicalisation is not easy. But two people can independently sign different rdf documents, with bnodes and, verify the two are the same with sparql.

The problem is not verifying that are the same, but verifying that they are not different.

Consider:

_:a ex:someProp _:b .
_:a ex:otherProp _:c .

_:b foaf:name "Foo" .

_:c foaf:name "Bar" .

Now swap  ex:someProp and ex:otherProp over. Your graph could very well mean the opposite of what it did previously, but if you're not careful the signatures will still match.

M.

-- 
Mo McRoberts - Technical Lead - The Space,
0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
Project Office: Room 7083, BBC Television Centre, London W12 7RJ
Received on Friday, 25 November 2011 10:53:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 25 November 2011 10:53:46 GMT