W3C home > Mailing lists > Public > www-rdf-comments@w3.org > April to June 2002

Re: RDF and XML digital signatures (was: RDF Primer Comments)

From: Brian McBride <bwm@hplb.hpl.hp.com>
Date: Mon, 29 Apr 2002 19:15:11 +0100
Message-Id: <5.1.0.14.0.20020429191252.06f3c990@0-mail-1.hpl.hp.com>
To: reagle@w3.org, Graham Klyne <GK@ninebynine.org>, "Garret Wilson" <garret@globalmentor.com>
Cc: "Frederick Hirsch" <hirsch@fjhirsch.com>, <www-rdf-comments@w3.org>
At 12:14 29/04/2002 -0400, Joseph Reagle wrote:
[...]

> > Regarding (a), I take the view that a signature applies to a string of
> > bits or bytes, and regard attempts to sign the abstract content as
> > unnecessarily problematic.

Its certainly hard, at least for RDF, but an interesting problem.  But its 
describing the signature in RDF that's of interest here, not signing RDF 
graphs - right?

>  So S/MIME, PGP/MIME or XMLDSIG all work just
> > fine by my reckoning.
>
>Right, this is a tricky question that's bothered me for a while. (How does
>one identify a serialized RDF statement within a file? The hashing I'm
>seeing on cwm is at the file level.)

I don't follow the question.


> > I think (b) is an interesting project, if nobody's done anything about it
> > already.  I would suggest a goal would be that an RDF graph can describe
> > the bare assurance conveyed by a given digital signature on some content
> > (a document that encoded information <foo> was signed by identity <bar>
> > using a signature method <fie> and a key with certificate attributes
> > <foe> certifies by authority <fum> ... etc.)
>
>I'd be happy to work with a RDF guru towards this end.

I'd love to work with you on this, but I'm a little tied up at 
present.  You might try a  gentle request on www-rdf-interest.

Brian
Received on Monday, 29 April 2002 14:17:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 21 September 2012 14:16:30 GMT