- From: Dan Brickley <danbri@danbri.org>
- Date: Fri, 11 Jun 2021 18:17:52 +0100
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: semantic-web@w3.org
- Message-ID: <CAFfrAFrQgPyddzU39PcULp8-EPJQ8S+mJdHVS6h6tJo51dmsfg@mail.gmail.com>
On Fri, 11 Jun 2021 at 17:13, Manu Sporny <msporny@digitalbazaar.com> wrote: > Dan Brickley wrote: > > <file:/dev/🦖/RGMv1> rdf:value “hex sequence here” ^wikidata:Q5153426 . > > You've just described what Hashlinks do: > > https://datatracker.ietf.org/doc/html/draft-sporny-hashlink-07 > > Which we could use to generate triples of the form: > > <hl:zQmWvQxTqbG2Z9HPJgG57jjwR154cKhbtJenbyYTWkjgF3e> > schema:contentURL > <https://rgm.example/file.txt> . > > Or > > <https://rgm.example/file.txt> > sec:digest > "QmWvQxTqbG2Z9HP7...btJenbyYTWkjgF3e"^sec:multihash > > and then we could canonicalize those using RDH (there is a "simple > canonicalization" path in the algorithm when you don't have blank nodes to > contend with) and then express the signature using LDP and LDV. > > Doing so is fairly trivial, but doesn't address many of use cases listed in > the LDS WG Charter. > > If we put that in scope, Dan, would you be in favour of the charter? If we > do, > we should do that without poking XML Digital Signatures in the eye and > opening > all of those old wounds. Yeah, after sending it, I realized we also have data:URIs from 1996, which do much of the work too. https://datatracker.ietf.org/doc/rfc2397/ I appreciate your absolutely natural wariness of old wounds and the daunting heritage of XML Signature. But we do all seem to agree that the are a few options for trivial transformations that bring non-RDF content into an RDF form suitable for Linked Data Signing. I can believe that a new WG might not want to go anywhere near XML Signature. I do believe W3C team, TAG and AC as a body and AC reps individually have some responsibility to weigh these tradeoffs. W3C can’t afford to make many new frameworks for signing web content, so if this one is (like XML Signature) something that can sign any content but is named after the format its workings are written in, we ought to make that clear to AC in the charter. There are two reasons this work has “Linked Data” in the name. One is the special attention it gives to making RDF more usefully content hashable and signable, and the other is that its own data is expressed in RDF. Can we tease these two aspects apart a little? The former is just useful to get done for RDF folks regardless of signature, … but the latter piece (which is applicable, we agree, to all content) does seem to have the ingredients for being a modern successor to some subset of the sign-any-web-content goals of XML Signature, and perhaps browser / web platform usecases too. That is territory where people may be alienated by the commitment to RDF, of course. But it is also potentially a route to much greater impact for this work. Dan > > -- manu > > -- > Manu Sporny - https://www.linkedin.com/in/manusporny/ > Founder/CEO - Digital Bazaar, Inc. > News: Digital Bazaar Announces New Case Studies (2021) > https://www.digitalbazaar.com/ > > >
Received on Friday, 11 June 2021 17:19:35 UTC