W3C home > Mailing lists > Public > www-rdf-interest@w3.org > April 2000

Model Digest Algorithm

From: McBride, Brian <bwm@hplb.hpl.hp.com>
Date: Fri, 28 Apr 2000 17:41:31 +0100
Message-ID: <7686E88F1253D311A867006008CD059F11377E@0-mail-1.hpl.hp.com>
To: www-rdf-interest@w3.org
The idea of a signature for a model is an excellent one, but I wonder if the
algorithm needs more work.

As I understand the digest proposal, the digest of a model is the xor of the
digests of the component statements and the digest of a statement is for
some x,y and z:

	Rx(subject_digest) ^ Ry(predicate_digest) ^ Rz(object_digest)

where Rx means rotate x bits and ^ means xor, .

Consider a model with two statements:

	[subject, predicate1, object1]
      [subject, predicate2, object2]

The digest for this model would be:

	^ Ry(predicate1_digest)
      ^ Rz(object1_digest)
      ^ Rx(subject_digest)
      ^ Ry(predicate2_digest)
      ^ Rz(object2_digest)

The two Rx(subject_digest) cancel out and the resulting signature is
independent of the
subject in the model.

Brian McBride

>-----Original Message-----
>From: Sergey Melnik [mailto:melnik@db.stanford.edu]
>Sent: Thursday, April 27, 2000 21:36
>To: Graham Klyne
>Cc: www-rdf-interest@w3.org; CC/PP WG list
>Subject: Re: CC/PP, RDF and trust issues
>there have been some discussion relevant to building a Web of Trust on
>this list, in particularly with respect to signing RDF *content*. It
>seems important to me that the algorithms for signing RDF 
>operate on the
>RDF model rather than using a particular serialization syntax like the
>current XML-based one. Especially, if the syntax evolves over time.
>You can find a summary of some ideas of how that can be done at
>	http://nestroy.wi-inf.uni-essen.de/rdf/sum_rdf_api/
>The above description of the algorithm is based on the working code
>downloadable from
>	http://www-db.stanford.edu/~melnik/rdf/api.html
>In this approach, a cryptographic digest of a statement or a 
>whole model
>is taken to be the ID of the corresponding statement or model. Thus,
>reification comes "for free", i.e. one can make assertions about models
>directly by using their digest-based IDs.
>I believe that RDF is a great way of establishing trust on the Web and
>you are on the right path. I'm looking forward to hearing more about
>your efforts!
>Graham Klyne wrote:
>> [...]
>> In private discussions, a model has emerged in which an "assurance"
>> property can be applied to a reification of the RDF statements, whose
>> object is [an identifier of] the principal who signed the 
>original expression.
>> [...]
>> It seems that the shift from "signature" to "assurance" parallels the
>> distinction between the serialization of an RDF graph, and 
>the abstract
>> graph itself.  A signature, by its nature, applies to the 
>serialized form,
>> not the graph, but it does confer information that is 
>meaningful as part of
>> the knowledge potentially represented by the graph.
>> [...]
>> Implicit in this question is the idea that dealing directly with
>> reification in the CC/PP model will create a significant 
>barrier to its
>> adoption.  The CC/PP requirements document has already attracted some
>> public comment that it is over-complex;  irrespective of whether such
>> comments are justified, they send a signal that employing the full
>> expressive power of RDF will likely be problematic.
>> [...]
>> (c) if such an approach is to be adopted, or indeed any 
>other approach, it
>> may be that this is something that is going to be a common 
>requirement for
>> all sorts of RDF applications.  Therefore, it seems 
>appropriate that it is
>> defined as a common RDF facility rather than something that 
>is specific to
>> CC/PP.  Has any substantial work in this area already 
>tackled by the RDF
>> community?
>> [...]
>> Given that CC/PP is committed to be built upon RDF, it seems 
>desirable to
>> engage as much RDF expertise as we can in the CC/PP design.  It is
>> important for us to find a design for CC/PP that is direct 
>and intuitive
>> for developers and users, and that also does not violate the 
>RDF model or
>> common usage.  One area where this seems to be particularly 
>important is
>> that the trust issues are resolved cleanly and carefully.
Received on Friday, 28 April 2000 12:41:46 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:07:29 UTC