- From: Gavin Carothers <gavin@carothers.name>
- Date: Wed, 18 Jan 2012 09:33:16 -0800
- To: Sandro Hawke <sandro@w3.org>
- Cc: RDF-WG WG <public-rdf-wg@w3.org>
On Wed, Jan 18, 2012 at 7:36 AM, Sandro Hawke <sandro@w3.org> wrote: > What threat model is addressed by either the hash or the signature that > isn't address by using a bnode (and no crypto)? (maybe answer in > telecon; I probably wont read email before then.) If Alice wishes to clearly identify what it is she's endorsing, and doesn't want someone else to change it for her she needs to use a name that clearly refers to the exact triples she wishes to endorse, and provide a way of verifying that Alice said she endorsed them. The simplest and widely accepted way of uniquely identifying an exact set of bytes for endorsement is by using a hash. This has wide deployment in not only identifying bundles of bytes, but in the case of magnet URIs in RESOLVING to a bucket of bytes. > > -- Sandro > > On Tue, 2012-01-17 at 13:38 -0800, Gavin Carothers wrote: >> Also on Wiki at >> http://www.w3.org/2011/rdf-wg/wiki/Example_of_Endorsement_Use_Case >> >> ## Endorsement (3rd Use Case from Sandro) >> >> A system wants to convey to another system in RDF that some person >> agrees with or disagrees with certain RDF triples. >> >> ## Concrete Example >> >> Alice wants to say that she agrees that Bob is named Bob. >> >> Bob has stated in a foaf record that he is named Bob. He did so in a >> Turtle document he hosts on http://example.org/bob/foaf.ttl >> >> @prefix foaf: <http://xmlns.com/foaf/0.1/> . >> >> <#me> foaf:name "Bob", >> foaf:homepage <http://mytotallyfakesite.com> . >> >> Alice Requests the Turtle document. After reading it she decides that >> she wants to agree with Bob's name, but doesn't with to endorse the >> totally fake site as Bob's homepage. >> >> In order to use any sort of HMAC or other signing system Alice will >> need to produce a byte stream for the message. An example byte stream: >> >> 0000000 3c 68 74 74 70 3a 2f 2f 65 78 61 6d 70 6c 65 2e >> 0000010 6f 72 67 2f 62 6f 62 2f 66 6f 61 66 2e 74 74 6c >> 0000020 23 6d 65 3e 20 3c 68 74 74 70 3a 2f 2f 78 6d 6c >> 0000030 6e 73 2e 63 6f 6d 2f 66 6f 61 66 2f 30 2e 31 2f >> >> Or in ASCII: >> >> <http://example.org/bob/foaf.ttl#me> <http://xmlns.com/foaf/0.1/name> "Bob". >> >> Once Alice has the byte stream she uses it to compute a hash >> 64487b3448548b7c8a5cfaeb0147bf54. She also creates a full signature >> using her private key. She then writes this all down in a new TriG >> document: >> >> @prefix foaf: <http://xmlns.com/foaf/0.1/> . >> @prefix foo: <http://example.org/foo/> >> >> @base <http://example.org/alice> . >> >> { <#me> foo:endorces urn:md5:64487b3448548b7c8a5cfaeb0147bf54; >> foo:signature "SomeSigningBytes"; >> . >> } >> >> @base <http://example.org/bob/foaf.ttl> . >> >> urn:md5:64487b3448548b7c8a5cfaeb0147bf54 { >> <#me> foaf:name "Bob" . >> } >> >> Alice then sends the document to Charlie. Charlie is able to take the >> triples in the graph statement labeled >> urn:md5:64487b3448548b7c8a5cfaeb0147bf54 produce the same byte stream >> and verify both the hash and Alice's signature. >> >> ## Results >> >> I am unaware of any use case around endorsement or authority that >> would not require some level of cryptographic signing. Once going down >> that road it's easy to use the byte stream required by ANY HMAC system >> to name the set of triples. This sort of use of IRIs containing hashes >> for identity of arbitrary data is already in wide use today. >> http://en.wikipedia.org/wiki/Magnet_URI_scheme#URN.2C_containing_hash_.28xt.29 >> >> --Gavin >> >> > >
Received on Wednesday, 18 January 2012 17:33:48 UTC