Re: [public-json-ld-wg] <none> from William Entriken on 2020-02-15 (public-json-ld-wg@w3.org from February 2020)

From: William Entriken <entriken@phor.net>
Date: Fri, 14 Feb 2020 23:48:55 -0500
To: Robert Sanderson <azaroth42@gmail.com>
Cc: Gregg Kellogg <gregg@greggkellogg.net>, W3C JSON-LD Working Group <public-json-ld-wg@w3.org>
Message-ID: <CAFwrLX4L_7vxPZtXA1bX_eiQhnxe--Aj-iBuW-aM66_WOA2E_Q@mail.gmail.com>

Thank you for your help and the reference. I will follow along at #108.

Regards,
Will


On Wed, Feb 12, 2020 at 5:29 PM Robert Sanderson <azaroth42@gmail.com>
wrote:

>
> Thanks William, Gregg!
>
> Yes, I think that the @import mechanism is a great framework for moving
> context metadata forward in a future version. It provides also a space for
> experimentation until that time that doesn't interfere with other
> processing, but that it is now far too late in the process to introduce the
> details of how to do integrity, versioning, and other metadata.
>
> Rob
>
>
> On Wed, Feb 12, 2020 at 2:20 PM Gregg Kellogg <gregg@greggkellogg.net>
> wrote:
>
>> We discussed SRI protection for remote contexts in Issue 108 [1], which
>> has been deferred until a future version. Since this was considered, a new
>> “@import” mechanism was added [2], which might provide a good extension
>> point. This might look something like the following:
>>
>> {
>>   "@context":  {
>>     "@version": 1.1,
>>     "@import": "https://example.com/context-with-metadata",
>>     "@sri": "sha256-abcd",
>>     "@protected": true
>>   }
>> }
>>
>> Gregg Kellogg
>> gregg@greggkellogg.net
>>
>> [1] https://github.com/w3c/json-ld-syntax/issues/108
>> [2] https://www.w3.org/TR/json-ld11/#imported-contexts
>>
>> On Feb 12, 2020, at 10:57 AM, William Entriken <entriken@phor.net> wrote:
>>
>> Dear Working Group:
>>
>> I am working on standardization of token implementations on the Ethereum
>> blockchain and related projects. Our specifications ERC-721 and ERC-1155
>> depend on JSON-LD, specifically this is how we connect tokens to our data
>> (like 2018-mazda-with-vin-2938473947937..json) to our schemas (like
>> cars.json) using the "$schema" link.
>>
>> Our concern is that simply linking to a document ("$schema": ....) does
>> not provide integrity. Our workaround is an approach that is similar to the
>> W3C SRI specification. Our standard draft is at
>> https://github.com/ethereum/EIPs/pull/2477/files
>>
>> But we think this approach can be generalized and should be applicable to
>> other JSON-LD users.
>>
>> I would like to propose a specification for "$schemaIntegrity",
>> "@contextIntegrity" and other "@*Integrity" which allows publishers of data
>> to specify that they are making reference to specific versions of documents.
>>
>> Would discussion on such a feature be welcome here?
>>
>>
>> William Entriken
>>
>>
>>
>
> --
> Rob Sanderson
> Semantic Architect
> The Getty Trust
> Los Angeles, CA 90049
>

Received on Saturday, 15 February 2020 04:49:20 UTC