Re: WoT and JSON-LD Joint Session at TPAC

On Tue, Jul 25, 2023 at 6:07 AM Korkan, Ege <ege.korkan@siemens.com> wrote:
> I am part of the Web of Things Working Group and I am contacting you for a session to talk about JSON-LD relevant topics in the W3C TPAC.

Hi Ege, thank you for the kind invitation to collaborate on these
important topics. I'll be at W3C TPAC and would like to participate in
these discussions. Monday would be easier than Thu/Fri, but perhaps we
could do a joint session w/ the VCWG (that is tackling many of the
topics that you outline in your proposed topics for discussion).

I am providing a preliminary response to the topic questions below in
order to get as much of us up to speed as possible before meeting at
W3C TPAC:

> Canonicalization and Signing
> How can we use the JSON-LD canonicalization and signing mechanisms to guarantee authenticity of Thing Descriptions (in a TD Directory).

I expect that you might be able to use work being performed by the W3C
RCH WG and W3C Verifiable Credentials WG here. While the work is
focused on VCs, these are generalized canonicalization and signing
mechanisms that could be used to guarantee authenticity of TDs in a TD
Directory (each of these specifications is expected to go into
Candidate Recommendation during, or shortly after, W3C TPAC):

https://www.w3.org/TR/vc-data-integrity/
https://www.w3.org/TR/vc-di-eddsa/
https://www.w3.org/TR/vc-di-ecdsa/
https://www.w3.org/TR/rdf-canon/

Note that there are canonicalization mechanisms for both RDF-based
datasets and pure JSON-based datasets. This is an important
consideration for your JSON / JSON-LD parser topic below.

> Restricting prefixes for JSON (no JSON-LD) parsers
> There are more and more (protocol) vocabularies that we want to include in the TD spec (as a registry). However, we have TD Consumers/Parsers who are not JSON-LD processors. Ideally, we want to restrict what prefixes should be used in the TD for a given vocabulary. Are there any mechanisms for that, any potential pitfalls?

Yes, there are. We are using one such mechanism in the Verifiable
Credentials work (which locks JSON-LD Contexts to specific values,
which enables deterministic JSON-only processing):

https://w3c.github.io/vc-data-model/#base-context
https://w3c.github.io/vc-data-model/#vocabularies

> (related to the point above) Supporting JSON-LD without full JSON-LD processing

We are currently attempting to finalize what JSON-only processing
looks like here:

https://github.com/w3c/vc-data-model/pull/1202

WoT specifications could adopt similar language. We have multiple
implementations using this technique in the VC work.

> YAML-LD
> TDs are not limited to JSON serialization, which makes the recent work on the YAML-LD
> interesting for us. It would allow using features of YAML such as comments, while targeting
> more users who prefer YAML over JSON.

While I'm not involved in the YAML-LD work, everything above does
apply to it (if you do JSON-LD Processing). I will also note that
there is work on CBOR-LD as well, which has been deployed to
production and seems to be working well. Standardization of that,
however, is quite a ways off since we want to gather plenty of
real-world deployment experience before putting it on the standards
track at W3C:

https://docs.google.com/presentation/d/1ksh-gUdjJJwDpdleasvs9aRXEmeRvqhkVWqeitx5ZAE/edit

All this to say, if you use RDF Dataset Canonicalization, you can sign
once and losslessly transform the information model and signatures
to/from JSON-LD/YAML-LD/CBOR-LD.

> Linting
> API Description Linting is a recent topic of relevance (see https://stoplight.io/open-source/spectral) and since TDs are API descriptions of IoT devices, this topics will become important for us. Are there any mechanisms for JSON-LD or JSON-LD linting that would be of relevance to this topic?



> (Related to the breakout session below) How to work with a single source of truth for generating our spec? Currently, we use SHACL Shapes + handwritten template HTML and then we try to manually maintain a JSON Schema, JSON-LD context

There has been some work done in this area... but given that those
schema languages don't 100% overlap with one another, certain manual
processes need to be used today. The VC community uses yaml2vocab (to
auto-generate vocabularies), manually created JSON-LD Contexts (to
ensure proper semantic mapping of JSON terms to RDF), and manually
created JSON Schema files (to ensure proper syntax for JSON
documents).

> The WoT WG has already prepared a list of topics that are of importance to the WoT, which also need discussion together with the JSON-LD group(s). These topics are listed at https://www.w3.org/WoT/IG/wiki/Main_WoT_WebConf/2023_WoT_TPAC_Agenda#JSON-LD and we hope that you find them interesting and relevant for the JSON-LD group(s) as well.

Yes, these are of great interest to the JSON-LD/YAML-LD/CBOR-LD
community, as well as the W3C Verifiable Credentials Working Group,
and the W3C Credentials Community Group. We are all deeply involved in
addressing the topics that you listed in the WoT community and are
eager to share our experience and help in whatever way we can.

> JSON-LD CG slot on Monday 14:30

I believe we were not going to hold the JSON-LD CG slot, so could use
it for a joint WoT/VC/JSON-LD/YAML-LD/CBOR-LD meeting?

> WoT WG/IG slot on Thursday 14:30
> WoT WG/IG slot on Friday 14:30

These times overlap w/ VCWG, which many of us will be involved in.

> If you would like to participate in such a session, let me know by replying to this email, and feel free to forward this email to others who might be interested.

I'll try to see if VCWG is interested in participating as well. There
will probably be enough of us at W3C TPAC to ensure a good exchange of
information.

I hope the above is helpful and will help everyone prepare for the
meetings at W3C TPAC.

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
https://www.digitalbazaar.com/

Received on Tuesday, 25 July 2023 13:54:26 UTC