RE: Detached Signatures Vs Detached Objects

At 11:45 99/11/25 +0100, Prince, Adam wrote:
 >The issue I foresee and am trying to identify how it should be solved is:
if 
 >I know that future generations of a document will be created and wish to
sign 
 >a reference to the future (as yet uncreated) generations how can I have 
 >application independent support for this?.  

Adam, 

The W3C has issued the Resource Description Framework (RDF) [1] for this
very purpose. There are numerous application specific schema's and semantics
using XML syntax. RDF defines a data model and XML syntax for describing a
portion of interoperable application semantics that will be common to many
data applications. The semantics RDF focusses on are the relationships
between resources.

 >The clearest example of this I can think of is a digitally signed
employment 
 >contract that states the employee must comply with the current employee 
 >handbook that is always maintained at 
 >..../intranet/HR/current-employee-handbook.htm.  Since this is a legal 
 >contract some form of non-repudiation may be required.

The RDF syntax ' rdf:about="http://mypage.com"' is an assertion about a
resource (and not necessarily it's content at any moment.)

Consequently you could have an XML/RDF application like the following, and
sign that:

<?xml version="1.0"?>
<rdf:RDF
  xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
  xmlns:s="http://scala.se/schema/employee-policies">
  <rdf:Description
about="scala.se/intranet/HR/current-employee-handbook.htm">
    <s:Must><s:Read>All</s:Read></s:Must>
  </rdf:Description>
</rdf:RDF>

[1] http://www.w3.org/TR/REC-rdf-syntax/


_________________________________________________________
Joseph Reagle Jr.   
Policy Analyst           mailto:reagle@w3.org
XML-Signature Co-Chair   http://www.w3.org/People/Reagle/

Received on Monday, 29 November 1999 16:33:02 UTC