Re: CC/PP, RDF and trust issues from Graham Klyne on 2000-04-28 (www-rdf-interest@w3.org from April 2000)

From: Graham Klyne <GK@Dial.pipex.com>
Date: Fri, 28 Apr 2000 16:42:31 +0100
To: Sergey Melnik <melnik@db.stanford.edu>
Cc: www-rdf-interest@w3.org, CC/PP WG list <w3c-ccpp-wg@w3.org>
Message-Id: <4.3.1.2.20000428152409.00d20f00@pop.dial.pipex.com>
Sergey,

Thank you for your comments.

I took a look at the first reference you supplied 
(http://nestroy.wi-inf.uni-essen.de/rdf/sum_rdf_api/), and did not see 
anything there about signing RDF graphs.  The nearest I could find was the 
discussion in section 3.1 about using digests for resource ID 
generation.  Could you direct me more closely?

Generally speaking, I see we concur about the futility of carrying 
signatures of RDF serialization syntax as a way of representing assurances 
in an RDF model.  But we also seem to differ in the need to _sign_ an RDF 
model (as distinct from representing the assurance a signature may convey).


OF SIGNATURES AND ASSURANCES

The view I had taken was that an RDF model, or graph, does not have any 
specific representation.  Thus, it is not necessary to define a form of 
unforgeable _signature_ over an RDF graph, but rather to have a way of 
representing within the graph the type and level of assurance that is 
associated with various sub-graphs.  Mechanisms for resisting forgery 
belong in the serialization layer, not in (what I might call) the semantic 
layer.

For example:  suppose I receive a paper signed by "Alice" stating that "Bob 
has supplied service X".  Alice's signature on the paper allows me to 
assert, as a fact:  "Alice states that Bob has supplied service X".  This 
assertion is a meaning, without physical representation, that I draw from 
the paper supplied and as such is not of itself subject to confirmation of 
protection by Alice's signature.  (If I lose the original paper, I may 
still believe the conclusion drawn from it.)

In our discussions about CC/PP, one scenario we have considered is receipt 
of an RDF expression (in any serialization syntax) on a channel secured 
using SSL.   By virtue of using SSL (into an appropriately secure 
environment), the recipient can have confidence about the authenticity and 
integrity of the received RDF graph, but there is no signature that can be 
used for post-hoc verification of the information.  I believe this 
underlines the idea that an RDF graph (received in any form) should be able 
to convey information about assurances provided by signatures, without 
involvement in the signature mechanisms used for transferring such assurances.


USING REIFICATION

The RDF model provides the basis for a mechanism as described above through 
reification.  But, returning to a theme of my original message, reification 
is like an "assembly language" concept:  it can do the job but can be 
difficult and clumsy to use.  I was seeking a "high level language" form 
for expressing such ideas in RDF that can (in principle) be translated into 
reification, but which can also be handled by "direct interpretation" 
within an application.


USING DIGESTS

I think you are suggesting that a digest of an RDF subgraph can be used to 
construct an identifier that stands for the reification of that 
subgraph.  Then, using that identifier, RDF statements can be made about 
the reified subgraph.

For example, consider the CC/PP profile of some client C:  let the subgraph 
be represented by:

   ([C]...)

Let some serialized form of the digest of this subgraph be represented by:

   Digest([C]....)

Then the identifer:

   reify:Digest([C]....)

may be defined to stand for the RDF subgraph containing reifications of all 
of the RDF statements in ([C]...), and we can make statements like:

   reify:Digest([C]....)--assuredBy-->"Alice"

Is this roughly what you are suggesting?  If so, I have one concern, which 
I think is probably quite solvable.  Given an RDF graph containing:

   ([C]...)
   ([D]...)
   ([E]...)
   reify:Digest([C]....)--assuredBy-->"Alice"

How is a program to determine exactly which RDF statements are assured by 
Alice?  (Short of trying all possible combinations to find one that yields 
the correct digest?)

I did think of some ideas involving additional tagging in the RDF graph, 
but they all seem to have problems when additional statements about the 
same subjects get added to a graph.  Any thoughts?


Regards,

#g


At 01:36 PM 4/27/00 -0700, Sergey Melnik wrote:
>Graham,
>
>there have been some discussion relevant to building a Web of Trust on
>this list, in particularly with respect to signing RDF *content*. It
>seems important to me that the algorithms for signing RDF operate on the
>RDF model rather than using a particular serialization syntax like the
>current XML-based one. Especially, if the syntax evolves over time.
>
>You can find a summary of some ideas of how that can be done at
>
>         http://nestroy.wi-inf.uni-essen.de/rdf/sum_rdf_api/
>
>The above description of the algorithm is based on the working code
>downloadable from
>
>         http://www-db.stanford.edu/~melnik/rdf/api.html
>
>In this approach, a cryptographic digest of a statement or a whole model
>is taken to be the ID of the corresponding statement or model. Thus,
>reification comes "for free", i.e. one can make assertions about models
>directly by using their digest-based IDs.
>
>I believe that RDF is a great way of establishing trust on the Web and
>you are on the right path. I'm looking forward to hearing more about
>your efforts!
>
>Sergey

------------
Graham Klyne
(GK@ACM.ORG)
Received on Friday, 28 April 2000 13:19:35 UTC