Re: Linked Data Security (slide deck)

Hi Leonard,

> On 1 Mar 2021, at 00:50, Leonard Rosenthol <> wrote:
> Very timely Manu...
> The ETSI/ESI committee just had a meeting last week to discuss how technology such as VC, LD Proofs, and non-X.509-based certificates align (or not) with the current EU standards for Trust and Signatures. The result is that most likely one or more new work items will be created to study and/or start definition on some of these areas.  It is important that alignment with international laws be a key requirement for our standards development - because if not, then adoption won't happen.
> One thing that I think you call out - or at least that I take as a callout - from your deck is that Linked Data Security *MUST* be separated from this CG (as well as DID's, DLTs, etc.) and brought to standardization as a core set of capabilities that serve many use cases.  Keeping them tied to Credentials (etc.) will prevent them, IMO, from having the wider reach that they can and should have.

Absolutely agree.

As you could see, Manu referred to a very very early draft charter for a W3C WG. I hope to get to a more serious work in the coming weeks to move that forward. That charter is certainly aims at a more general use case set.

I have actually contacted some of my people to get at least one example into the charter (as part of the motivation for this work) that is NOT on CCG related activities. Areas that comes to my mind are signing medical records that are stored in RDF databases, signing set of statements added to a Knowledge Graph (which, very often, are also based on RDF), signing OWL ontologies (themselves as RDF graphs), or signing <> data that are added to a Web site. What we would need is a specific use case for a deployed application area that we can refer to from the charter (any help is welcome!).

When the charter proposal gets to the next phase (ie, when it is in a stage where W3C officially announces to the AC that it is working on this) I plan to share it on the semantic web mailing list, too; maybe a good source for effective application areas.

>  I, for one, have already starting using the Multibase/Multihash and HashLink work in areas around Content Authenticity, and I am looking toward helping the work of CBOR-LD as well.  With those building blocks in place, followed by the LD Sig and LD Proof work, and the various cryptosuites we will have some powerful tools that can applied in various & varied solutions.
> As always, whatever I can to do help get new CG/WGs off the ground to work on these various aspects - count me in!

I count on you:-)


> Leonard
> ´╗┐On 2/28/21, 2:57 PM, "Manu Sporny" <> wrote:
>    The attached slide deck provides a basic overview (with examples) of Linked
>    Data Security as well as the specifications in that orbit. The W3C CCG is
>    actively developing a number of these specifications.
>    This deck might be used for a future presentation on the topic to the CCG.
>    -- manu
>    -- 
>    Manu Sporny -;;sdata=tunqYaus7qrrBj226MYhzPRm%2BgtoJfhqLA%2FVXscFcKo%3D&amp;reserved=0
>    Founder/CEO - Digital Bazaar, Inc.
>    blog: Veres One Decentralized Identifier Blockchain Launches

Ivan Herman, W3C 
mobile: +33 6 52 46 00 43

Received on Monday, 1 March 2021 08:03:47 UTC