W3C home > Mailing lists > Public > w3c-rdfcore-wg@w3.org > April 2002

Re: application/rdf+xml Media Type Registration [DRAFT]

From: Graham Klyne <Graham.Klyne@MIMEsweeper.com>
Date: Mon, 01 Apr 2002 22:50:47 +0100
Message-Id: <5.1.0.14.2.20020401224621.03775700@joy.songbird.com>
To: Brian McBride <bwm@hplb.hpl.hp.com>
Cc: Aaron Swartz <me@aaronsw.com>, RDF Core <w3c-rdfcore-wg@w3.org>
At 03:59 PM 3/28/02 +0000, Brian McBride wrote:
>>       Security considerations:
>>
>>          Security considerations include many of those described in
>>          section 10 of [5] and more, due to the semantic nature of RDF.
>>          RDF documents may make assertions about anything, and thus RDF-
>>          based systems want to be certain that they can trust the
>>          document.  It is expected that future work with Digital
>>          Signature and "Web of Trust" will make it more clear how to
>>          build secure RDF systems.
>
>If Graham and others are happy with this, then so am I.

I'm happy with that as far as it goes, but (on reflection) I think there's 
another angle that might usefully be added, relating to privacy concerns 
(another staple of IETF security considerations).  The wording will 
probably need polishing...

[[[
RDF is designed to support inference over possibly large 
datasets.  Therefore, one should be careful about publishing even slightly 
private information in RDF form, as in conjunction with snippets of RDF 
information from other sources it may be possible to infer significant 
privacy-infringing information.
]]]

#g


-------------------
Graham Klyne
<GK@NineByNine.org>
Received on Monday, 1 April 2002 17:23:05 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 3 September 2003 09:47:20 EDT