- From: Peter F. Patel-Schneider <pfpschneider@gmail.com>
- Date: Thu, 13 May 2021 07:10:35 -0400
- To: Dan Brickley <danbri@danbri.org>
- Cc: semantic-web@w3.org
On 5/13/21 1:09 AM, Dan Brickley wrote:
> On Thu, 13 May 2021 at 01:50, Peter F. Patel-Schneider <pfpschneider@gmail.com> wrote:
>
>> I was looking at https://w3c-ccg.github.io/ld-proofs/ and it seems to me that there is a problem in the way that signed RDF datasets, a.k.a. signed linked data, are created. The problem appears to affect any encoded proof, not just signatures.
>>
>> Although the document is unnecessarily complicated by its reluctance to call an RDF graph an RDF graph, it appears that Section 10 signs a document that encodes an RDF graph by canonicalizing the RDF graph, using a canonicalization that transforms isomorphic RDF graphs into the same form, and signing this canonicalized form (which may or may not be an RDF graph). It then modifies the document by extending the document with an encoding of several new triples all related to a new node that represents the signature.
>>
>> To verify a signature of a document that encodes an RDF graph, all triples related to signatures are removed from the encoded graph then each signature is checked to ensure that it is a valid signature for the modified graph. (Well, this is what should happen, but the verification algorithm incorrectly assumes that a set of signatures is the same as a single signature. This is not a serious problem and does not materially affect the points below.)
>>
>> But this does not work if the original graph that was being signed includes a signature, as this signature will be part of the signing but not the verification. It also allows extra signatures to be added to the document after signing, as these extra signatures will be removed before validation.
>>
>> So the signing method in https://w3c-ccg.github.io/ld-proofs/ appears to have fatal problems, both failing to validate some correctly signed documents and validating some incorrectly signed documents. The former is bad but the latter is just about the worst flaw that a signature method can have.
>
> Manu recently wrote
>
>> “RDF Graphs" -- those are not what this group is focusing on, they create all sorts of provenance issues with the signed information... this is why we pushed hard for RDF Datasets back in the day... we're focusing on canonicalizing and generating proofs (e.g., digital signatures) for RDF Datasets.”
>
> Wouldn’t an emphasis on RDF Datasets rather than Graphs make this kind of thing pointless? No need to interfere with graphs when you have a way to explicitly handle multiple graphs together as a Dataset?
>
> Dan

The problem is not RDF graphs vs RDF datasets or even RDF vs some nebulous linked data. The problem is much more elementary. If a document is signing something then it has to be clear what the document is signing. In https://w3c-ccg.github.io/ld-proofs/ it is not clear what is being signed, as far as I can tell. This is what causes the failures I think I have noticed.

peter
Received on Thursday, 13 May 2021 11:10:50 UTC
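A constructed toy model of the sign-then-strip procedure the mail above describes, added here as an illustration and not code from the ld-proofs draft or its authors. It assumes a sorted rendering in place of RDF canonicalization, HMAC-SHA256 under named keys in place of digital signatures, and the names `PROOF_PRED`, `key:alice` and `key:mallory`; it reproduces both failures the mail names, a counter-signed document that fails to verify and a document extended with a later proof that still verifies.

```python
import hashlib
import hmac

# Toy model of the sign/verify steps the mail describes (constructed example,
# not the spec's code). Triples are (s, p, o) strings; a sorted rendering stands
# in for RDF canonicalization and HMAC-SHA256 under a key id for a signature.
PROOF_PRED = "sec:proofValue"  # assumed predicate marking a proof triple
KEYS = {"key:alice": b"constructed-key-A", "key:mallory": b"constructed-key-M"}

def canonicalize(graph):
    # Deterministic bytes: isomorphic toy graphs give the same rendering.
    return "\n".join(" ".join(t) for t in sorted(graph)).encode()

def strip_proofs(graph):
    # Verification removes every proof-related triple, as the mail describes.
    return {t for t in graph if t[1] != PROOF_PRED}

def sign(graph, proof_node, key_id):
    # Sign the graph as given (proof triples included) and attach a new proof node.
    mac = hmac.new(KEYS[key_id], canonicalize(graph), hashlib.sha256).hexdigest()
    return graph | {(proof_node, PROOF_PRED, f"{key_id}|{mac}")}

def verify(graph):
    # Check every proof against the graph with all proofs removed.
    core = canonicalize(strip_proofs(graph))
    proofs = [t[2] for t in graph if t[1] == PROOF_PRED]
    if not proofs:
        return False
    for proof in proofs:
        key_id, mac = proof.split("|", 1)
        expected = hmac.new(KEYS[key_id], core, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, expected):
            return False
    return True

DOC = {("ex:alice", "ex:knows", "ex:bob")}  # constructed sample graph

def countersigning_fails():
    # Failure 1: the second signature covers the first proof triple, but the
    # verifier strips it, so a correctly produced document is rejected.
    once = sign(DOC, "_:p1", "key:alice")
    twice = sign(once, "_:p2", "key:alice")
    return verify(once), verify(twice)  # (True, False)

def added_proof_is_invisible():
    # Failure 2: a proof added after Alice signed is stripped before checking,
    # so the extended document verifies although Alice never signed this form.
    signed = sign(DOC, "_:p1", "key:alice")
    extended = signed | sign(DOC, "_:p2", "key:mallory")
    return verify(extended)  # True
```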