Re: Signature Assurance Profile

At 21:23 3/7/2001 +0000, Graham Klyne wrote:
>In the short term, I think the modelling of the signature intent mechanism 
>would benefit from wider review:  with Joseph's permission, I attach my 
>comments on his proposal;  in particular, I suggest an approach for using 
>RDF to model the additional information.

Graham, thank you for your comments. I do agree that your model/syntax is an 
improvement on that found in the NOTE. Next time I update it, I will improve 
upon that.

>In the longer term, this modelling may play a role in building RDF 
>structures relating to anticipated future web-of-trust developments.  I, 
>personally, happen to believe that there should be a distinction between a 
>signature applied to a bag of bits, and an assurance that the signature 
>imparts to an interpretation of those bits.

I agree, and this is an important point, and I hope my proposal points 
towards a solution. XML Signature signs octets, that is really all it can 
do. However, it also provides a Type attribute within the Signature 
Reference. In my proposal, I'm using this type to "bootstrap" a signature 
semantic. The Reference is of type SignatureProperty to a SignatureProperty 
element, and consequently its content is a statement about the Signature.

The Signature specification does not specify any mandatory behavior over 
those Reference Types (though it does recommend that while signatures can 
sign most things as a bag of bits, it should be careful and understand a 
signature property); subsequent applications can use the facility. So, my P3P 
Assurance Application is an XML Signature Application *plus* some 
semantics/processing that recognizes P3P assurances as a SignatureProperty 
and must check its semantics: ensure the P3P Assuring Party is the same 
party signing the P3P policy.

To generalize this in a Web of trust scenario, when signing "someobject" I 
could bind the meaning of some RDF to my Signature with the following:

<Signature> ...
   <Reference URI="someobject.xml"/>
   <Reference URI="TheMeaningOfSignature.rdf"
     Type="http://www.w3.org/1999/02/22-rdf-syntax-ns#Statement">

1. An XML Signature application would check the signature on the bag of bits.
2. A Web of Trust application would check the signature on the bag of bits, 
and be able to process the "truth" of TheMeaningOfSignature.rdf as well.

Furthermore, the Signature Reference allows you to do Transforms (take the 
identified object and transform it). So the thing being signed need not even 
be RDF/XML. It could be a digraph, or some other representation that has an 
RDF serializer/canonicalizer transform applied to it for signing...


__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Thursday, 8 March 2001 15:34:48 UTC
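
The two processing tiers described in the message above, as an added example that is not part of the original post or of any XML Signature implementation. It assumes the SignatureValue over SignedInfo has already been verified, fixes the digest to SHA-256 (DigestMethod is omitted), and uses constructed sample objects; the function names are hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
RDF_STATEMENT = "http://www.w3.org/1999/02/22-rdf-syntax-ns#Statement"

# Constructed sample objects, keyed by the URIs used in the message above.
OBJECTS = {
    "someobject.xml": b"<doc>payload</doc>",
    "TheMeaningOfSignature.rdf": b"<rdf:RDF>constructed statement</rdf:RDF>",
}

def digest(octets):
    """Base64 SHA-256 of the referenced octets (assumed digest algorithm)."""
    return base64.b64encode(hashlib.sha256(octets).digest()).decode()

def build_signed_info(objects, types):
    """Build a constructed SignedInfo with one Reference per object."""
    signed_info = ET.Element(DS + "SignedInfo")
    for uri, octets in objects.items():
        ref = ET.SubElement(signed_info, DS + "Reference", URI=uri)
        if uri in types:
            ref.set("Type", types[uri])
        ET.SubElement(ref, DS + "DigestValue").text = digest(octets)
    return signed_info

def core_validate(signed_info, resolve):
    """Tier 1 (XML Signature application): every Reference is a bag of bits.
    The Type attribute is ignored; only the digest over the octets counts."""
    for ref in signed_info.iter(DS + "Reference"):
        octets = resolve(ref.get("URI"))
        if octets is None or digest(octets) != ref.findtext(DS + "DigestValue"):
            return False
    return True

def trusted_statements(signed_info, resolve):
    """Tier 2 (Web of Trust application): after core validation succeeds,
    return the URIs whose Reference Type marks them as RDF statements, so
    that only signed statements are handed to semantic processing."""
    if not core_validate(signed_info, resolve):
        return []
    return [ref.get("URI") for ref in signed_info.iter(DS + "Reference")
            if ref.get("Type") == RDF_STATEMENT]

SIGNED_INFO = build_signed_info(
    OBJECTS, {"TheMeaningOfSignature.rdf": RDF_STATEMENT})
```
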