Cert Ontology and Alain Bourgeois' signatures in Solid

Dear CG,

I am writing to inform you of Alain Bourgeois' outstanding recent work on
the Solid project. Alain has added signatures to chat messages in Solid,
enhancing its security and functionality. Something that has been on the
wish list for many years.  You can find the details in the following link:

https://github.com/SolidOS/solid-ui/issues/546#issuecomment-1537189924

 # Actually
   :me cert:PrivateKey "string" # in a resource READ only for the owner
   :me cert:PublicKey "string"; # in an other resource Read only for
everybody:msgId cert:proofValue proofString;
   :msgId cert:proofValue proofString;

 # Could be replaced by
   :me cert:key keyString; # keystring is the private or publicKey
   :msgId cert:proofValue proofString;
 or
   :me solid:secp256k1PrivateKey keyString;
   :me solid:secp256k1PublicKey keyString;
   :msgId solid:schnorrSignature proofString; # could replace proofValue


Alain's implementation uses secp256k1 and Schnorr signatures, which have
become widely adpoted in recent years. These cryptographic methods are
suitable for signing, ECDH encryption, single sign-on, and other use cases.

The demo utilizes the Cert Ontology, which has not been updated for some
time, and it is unclear who has the authority to make modifications.

I suggest the following approach

1. Review the issue linked above and acknowledge Alain Bourgeois'
contribution to the Solid project.  Come up with a good fit for storing the
key material in cert:key or perhaps since it is a relatively short literal,
in a simple string tied to a webID (my preferred approach).

2. Identify individuals with the authority to update the Cert Ontology or
consider creating a new ontology
.
3. Implement necessary additions and fixes to the Cert Ontology for
compatibility with modern cryptographic techniques.

Thanks for taking the time to look at this.

Best
Melvin

Received on Wednesday, 10 May 2023 17:14:09 UTC