- From: Graham Klyne <Graham.Klyne@MIMEsweeper.com>
- Date: Mon, 01 Apr 2002 22:50:47 +0100
- To: Brian McBride <bwm@hplb.hpl.hp.com>
- Cc: Aaron Swartz <me@aaronsw.com>, RDF Core <w3c-rdfcore-wg@w3.org>
At 03:59 PM 3/28/02 +0000, Brian McBride wrote: >> Security considerations: >> >> Security considerations include many of those described in >> section 10 of [5] and more, due to the semantic nature of RDF. >> RDF documents may make assertions about anything, and thus RDF- >> based systems want to be certain that they can trust the >> document. It is expected that future work with Digital >> Signature and "Web of Trust" will make it more clear how to >> build secure RDF systems. > >If Graham and others are happy with this, then so am I. I'm happy with that as far as it goes, but (on reflection) I think there's another angle that might usefully be added, relating to privacy concerns (another staple of IETF security considerations). The wording will probably need polishing... [[[ RDF is designed to support inference over possibly large datasets. Therefore, one should be careful about publishing even slightly private information in RDF form, as in conjunction with snippets of RDF information from other sources it may be possible to infer significant privacy-infringing information. ]]] #g ------------------- Graham Klyne <GK@NineByNine.org>
Received on Monday, 1 April 2002 17:23:05 UTC