Re: HTTPS and the Semantic Web from Simon Spero on 2016-05-21 (semantic-web@w3.org from May 2016)

From: Simon Spero <sesuncedu@gmail.com>
Date: Sat, 21 May 2016 15:16:24 +0000
To: Nathan Rixham <nathan@webr3.org>
Cc: Harry Halpin <hhalpin@ibiblio.org>, Melvin Carvalho <melvincarvalho@gmail.com>, Pat Hayes <phayes@ihmc.us>, Phil Archer <phila@w3.org>, Semantic Web IG <semantic-web@w3.org>
Message-ID: <CADE8KM4=TdKsmitczK69vCTRK7ZGEYo+A7g4P9w==9RR0pQxmw@mail.gmail.com>
sameAs is correct, though under under the OWL Direct Semantics, it may  not
give all the desirable entailments if the IRI denotes a Class or *Property.
Using equivalentClass / equivalentProperty axioms gives desired result.

On the other hand, there is no specific reason not to continue using  http:
IRIs as names, and using a different protocol if those names are converted
to locators.

Simon


On Sat, May 21, 2016, 10:40 AM Nathan Rixham <nathan@webr3.org> wrote:

> Why not owl:sameas? Is it technically incorrect?
>
> If it's the correct property to use and widely understood + supported,
> saying it's been used incorrectly previously doesn't hold much weight as an
> argument against using it correctly to solve a web scale real world problem
> simply.
> On 21 May 2016 2:28 pm, "Simon Spero" <sesuncedu@gmail.com> wrote:
>
>> There is no necessary between an IRI used in any position in an RDF
>> triple, and any #$InformationBearingObject that may be returned as a result
>> of  interpreting the  lexical form of such an IRI as a set of procedural
>> directives.
>>
>> There is thus no reason why  Stigmergic Web applications cannot interpret
>> these lexical forms such that they perform different actions, with no
>> required changes anywhere else.
>>
>> Meet the new sameAs, same as the old sameAs.
>>
>> Simon
>> On May 21, 2016 12:53 AM, "Harry Halpin" <hhalpin@ibiblio.org> wrote:
>>
>>> Given that the Semantic Web use of HTTP URIs basically means that any
>>> use of 'follow your nose' is easily subverted by anyone with access to the
>>> raw HTTP stream, we should just update the Semantic Web specs and reasoners
>>> so that TLS is enforced by default and HTTP = HTTP(S).
>>>
>>> While it is true that some normal web-pages *can* serve different
>>> content at TLS than non-TLS, it's currently considered pathological.
>>>
>>> If the Semantic Web doesn't gracefully deal with the upgrade from HTTP
>>> to TLS, it will date itself quite quickly and will not be usable for any
>>> real-world usage (notice almost all major sites now are moving to TLS)
>>> outside of enterprise use within a firewall or usages where there's no
>>> 'follow your nose' effort. In the latter case, I'm not sure if using HTTP
>>> URIs makes sense to begin with.
>>>
>>> Note that the upgrade should be relatively cost-free, see the "Let's
>>> Encrypt" effort for free TLS certs.
>>>
>>> On Fri, May 20, 2016 at 6:04 PM, Pat Hayes <phayes@ihmc.us> wrote:
>>>
>>>>
>>>> On May 20, 2016, at 5:02 PM, Nathan Rixham <nathan@webr3.org> wrote:
>>>>
>>>> ....
>>>> An x:alias predicate which asserts that one name (IRI) is an alias of
>>>> another name (IRI) would be very useful. <a#b> x:alias <c#d> .
>>>>
>>>> An x:canonical predicate which asserts <a#b> x:alias <c#d> . and that
>>>> <a#b> is the preferred IRI more useful still.
>>>>
>>>>
>>>> Just an observation - it may be that practical needs override formality
>>>> - but this is not legal according to the RDF semantics. The truth of a
>>>> triple aaa R bbb depends only on what the IRIs in the triple, in particular
>>>> aaa and bbb, *denote*, not on their syntactic form. So x:alias would have
>>>> the same semantics as owl:sameAs (and we all know what happened to *that*
>>>> when it got out into the wide world.)
>>>>
>>>> We could sneak around this by declaring (contrary to the normative
>>>> semantics, but still...) that x:alias is a new kind of property, one that
>>>> quotes its arguments and is therefore referentially opaque. There would
>>>> have been a time when I would have opposed this idea with some vigor, but
>>>> age has mellowed me. And the internal semantic coherence of the Web can
>>>> hardly get worse than it is already, so what the hell.  Just be ready for
>>>> the truly awful muddle that will arise when x:alias bumps into owl:sameAs
>>>> and reasoners try to figure out what the consequences might be.
>>>>
>>>> A better solution would be to invent, and have everyone adopt[**], a
>>>> IRI-quoting-IRI convention, something like x:theIRI# , with the semantics
>>>> that x:theIRI#someOtherIRI always denotes someOtherIRI. (Maybe this would
>>>> need some clever character-escaping? I leave that to others to work out.)
>>>> Then x:theIRI#a#b x:alias x:theIRI#c#d would mean what you want to express,
>>>> above.
>>>>
>>>> Pat Hayes
>>>>
>>>> [**] There's the rub, of course.
>>>>
>>>>
>>>> Using syntax shortcuts you could add the following triple to the turtle
>>>> document at https://www.w3.org/1999/02/22-rdf-syntax-ns#
>>>>
>>>>    rdf: x:canonical <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
>>>>
>>>> Result:
>>>> <http://www.w3.org/1999/02/22-rdf-syntax-ns#> a owl:Ontology .
>>>> <https://www.w3.org/1999/02/22-rdf-syntax-ns#> a owl:Ontology .
>>>>
>>>>
>>>> Point 2:
>>>>
>>>> Using a 307 redirect for the semantic is nice, but practically click
>>>> http://www.w3.org/ns/dcat# and you are redirected, refresh and you
>>>> find the client does use the redirected url for subsequent requests.
>>>>
>>>> As a general person or developer search w3.org for dcat and the
>>>> results are https://www.google.com/search?q=site:w3.org%20dcat - the
>>>> url listed is the https url.
>>>>
>>>> Usage of the https IRIs will enter the web of data ever increasingly,
>>>> whether people say the http one should be used or not.
>>>>
>>>> Point 3:
>>>>
>>>> Practically taking a simple real world step like migrating to a CDN
>>>> will often give http/2+tls thus https IRIs automatically.
>>>>
>>>> Test case:
>>>>
>>>> Alice has a wordpress/drupal site that publishes RDF automatically. She
>>>> doesn't know about the RDF.
>>>> Alice clicks the "free CDN" button in her hosting account.
>>>> Alice now has https and http IRIs in RDF on both http:// and https://
>>>> protocols.
>>>>
>>>> Personally I cannot think of anything easier than as best practise
>>>> adding a single triple to rdf documents when migrating protocols. Anything
>>>> within the black box will fail and be implemented incorrectly.
>>>>
>>>> On Sat, May 21, 2016 at 12:42 AM, Melvin Carvalho <
>>>> melvincarvalho@gmail.com> wrote:
>>>>
>>>>>
>>>>>
>>>>> On 20 May 2016 at 20:08, Phil Archer <phila@w3.org> wrote:
>>>>>
>>>>>> Not a moan about spam, or a CfP, but an actual discussion point, yay!
>>>>>>
>>>>>> I've just blogged about our use of HTTPS across www.w3.org which
>>>>>> raises some questions for this community. Please see
>>>>>> https://www.w3.org/blog/2016/05/https-and-the-semantic-weblinked-data/
>>>>>
>>>>>
>>>>> On the one hand more security is a nice to have, but on the other,
>>>>> Cool URIs dont change.  It's really hard to estimate the cost, and
>>>>> unintended consequences of changing URIs.  But my feeling is that we
>>>>> systematically underestimate it.
>>>>>
>>>>> IMHO, It's kind of a shame that http wasnt made secure, and that a new
>>>>> scheme https was invented.
>>>>>
>>>>>
>>>>>>
>>>>>>
>>>>>> Comments welcome.
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>> --
>>>>>>
>>>>>>
>>>>>> Phil Archer
>>>>>> W3C Data Activity Lead
>>>>>> http://www.w3.org/2013/data/
>>>>>>
>>>>>> http://philarcher.org
>>>>>> +44 (0)7887 767755
>>>>>> @philarcher1
>>>>>>
>>>>>>
>>>>>
>>>>
>>>> ------------------------------------------------------------
>>>> IHMC                                     (850)434 8903 home
>>>> 40 South Alcaniz St.            (850)202 4416   office
>>>> Pensacola                            (850)202 4440   fax
>>>> FL 32502                              (850)291 0667   mobile
>>>> (preferred)
>>>> phayes@ihmc.us       http://www.ihmc.us/users/phayes
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
Received on Saturday, 21 May 2016 15:17:04 UTC