- From: Dan Brickley <danbri@danbri.org>
- Date: Mon, 31 Oct 2011 23:47:24 +0100
- To: Tim Berners-Lee <timbl@w3.org>
- Cc: Melvin Carvalho <melvincarvalho@gmail.com>, Henry Story <henry.story@bblfish.net>, Dominik Tomaszuk <ddooss@wp.pl>, WebID Incubator Group WG <public-xg-webid@w3.org>
On 31 October 2011 19:18, Tim Berners-Lee <timbl@w3.org> wrote: > > On 2011-10 -28, at 08:02, Melvin Carvalho wrote: > > But RDF is not trivial to sign if you have blank nodes. > > Well, typically when you sign something you also send it, > which involves serializing it, so you can sign the serialization. > Anyone who wants to check veracity can just check the document > in question. Yup, signing the serialization is a very well understood technique. It pushes some work into admin sometimes, but has the advantage of simplicity. And when security's involved that seems rather attractive. RDF graph canonicalization, when bnodes are in there, is anything but. Dan > (There is canonicalization of course as well, coming along, but that is a > different story) > Tim >
Received on Tuesday, 1 November 2011 06:09:22 UTC