- From: Steve Harris <steve.harris@garlik.com>
- Date: Tue, 28 Jun 2011 12:00:24 +0100
- To: Jeremy Carroll <jeremy@topquadrant.com>
- Cc: public-rdf-wg@w3.org
On 2011-06-28, at 01:31, Jeremy Carroll wrote: > On 6/27/2011 4:07 PM, Steve Harris wrote: >> >> You can only verify the signature of the graph at request time, but at that time you have access to the canonical byte stream anyway. >> > > why can you only verify at that point? In our case because that's all we needed, and it's most efficient. > Let's suppose we want an audit trail? For documents with a multi-million dollar value (current TQ customer requirement!) Then you would also need to archive the original byte steam. FWIW, our internal RDF documents also have a multi-million dollar value, but they don't require signatures at runtime, luckily. For one thing it would be impractical as they change thousands of times a second, and are huge. We do sign the periodic backups however. - Steve -- Steve Harris, CTO, Garlik Limited 1-3 Halford Road, Richmond, TW10 6AW, UK +44 20 8439 8203 http://www.garlik.com/ Registered in England and Wales 535 7233 VAT # 849 0517 11 Registered office: Thames House, Portsmouth Road, Esher, Surrey, KT10 9AD
Received on Tuesday, 28 June 2011 11:01:01 UTC