- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Thu, 09 Oct 2014 11:31:42 -0400
- To: public-webpayments@w3.org
On 10/09/2014 10:44 AM, Melvin Carvalho wrote: > I've been using GraphSignature2012 lately: > > https://web-payments.org/specs/source/vocabs/security.html#GraphSignature2012 > > I heard rumour that GraphSignature2014 was coming out this year. It may not be this year, but at least next. Once the RDF Dataset Normalization Algorithm spec is brought up to date and refined we'll likely have a new GraphSignature release -- and this work is scheduled to start sometime by the end of this year or early next. > > Anyone know if it's still the case? Or are there any details that can > be given -- are there limitations to the previous version etc.? > > There are a couple of issues we'd like to resolve with the current spec. They have to do with clarification and data armoring. 1. We need to clarify how to generate the signature; specifically, there are some the details about how to construct the signature in the Secure Messaging spec (https://web-payments.org/specs/source/secure-messaging/) that should be moved to the security vocabulary and then merely referenced by the Secure Messaging spec. 2. We need to better armor/delimit the component parts that go into the signature. 3. We may need to better armor/delimit some information used in the RDF Dataset Normalization algorithm and issue a new version of that algorithm as a result. -Dave -- Dave Longley CTO Digital Bazaar, Inc. http://digitalbazaar.com
Received on Thursday, 9 October 2014 15:31:18 UTC