Re: Chartering work has started for a Linked Data Signature Working Group @W3C

On 5/25/21 9:29 AM, Manu Sporny wrote:
 > PFPS wrote:
 >> A big problem, in my view, is the impression being given that all the
 >> problems have been solved.  And not just solved but examined, signed off,
 >> and implemented.
 >
 > Let's put this false impression to rest, then. No one is saying we are 100%
 > sure that the problem has been solved and that there are no issues or errors
 > anywhere. Case in point: the LDP document lists a number of issues that need
 > further discussion in a WG setting.
 >
 > What is being stated is:
 >
 > 1. There has been peer-reviewed vetting of the algorithms
 >    being submitted as input to the LDS WG and there are no
 >    known fatal issues (these are the mathematical proofs,
 >    input documents, input implementations, and test
 >    suite).

OK, where is the peer-reviewed vetting of the algorithms in
https://w3c-ccg.github.io/ld-proofs/#algorithms?

 > 2. What exactly you would consider an appropriate "sign
 >    off" is unknown, there have been papers published and
 >    vetted and implemented with a test suite with all known
 >    attack strategies and multiple implementations
 >    passing... does that qualify as sign-off? I expect we'd
 >    also want to convene a WG and get the WG to sign off
 >    as well.

Extracts from https://lists.w3.org/Archives/Public/semantic-web/2021May/0143.html

From: Peter Patel-Schneider <pfpschneider@gmail.com>
Date: Fri, 21 May 2021 16:40:45 -0400
Message-ID: <008e4a71e6bf66b998f1643fd0767a267c19461c.camel@gmail.com>
To: Manu Sporny <msporny@digitalbazaar.com>, semantic-web@w3.org

I would be fine with any faculty member at a decent university whose
speciality is crypographic computer security saying that the algorithms
in https://w3c-ccg.github.io/ld-proofs/#algorithms are secure assuming
that the canonicalization algorithm works as stated.  Even better would
be that person also stating that the RDF dataset normalization
algorithm doesn't introduce any problems when used as a
canonicalization algorithm.

[...]

What I would like to see is some code and associated documentation that
says something like:

To sign a document that encodes an RDF dataset as in
https://w3c-ccg.github.io/ld-proofs/#proof-algorithm run
FOO document options key
where document is the name of a file containing a document that encodes
an RDF dataset, key is an X private key, and options contains a W key-
pair identifier with key as private key and a current date in UTC.
This will canonicalize the document using Y and sign the result using X
with key in such a way that any document encoding an RDF dataset
isomorphic to the one in the original document will have the same
signature.
A signed document will be output on standard output.

And similarly for the verification algorithm.

I didn't recognize this anywhere I looked.

End of extracts


And where is the test suite for these algorithms?


 > 3. It is clear that things have been implemented... I've
 >    pointed to those implementations previously... people
 >    are using those implementations in their products
 >    today.

Please provide a pointer to an direct implementation of the algorithms in
https://w3c-ccg.github.io/ld-proofs/#proof-algorithm

 > ... but none of that should give you (or anyone else here) the impression that
 > we're done. The reason we want to convene a LDS WG is to put all of this
 > through it's paces... we've done as much as can be reasonably expected outside
 > of an official WG... no one is saying "we're completely done", "there are no
 > problems", "we are 100% sure of the solution", or anything approaching those
 > statements. We want an LDS WG because we want to be able to come closer to
 > saying we're confident in the set of solutions under a set of circumstances
 > with a set of known security and privacy concerns. That's the closest we'll
 > ever get to being sure... security isn't about being 100% sure of everything,
 > it's about expected inputs under known conditions and probabilities of a
 > certain security layer not failing under that scenario.
 >
 > To reiterate the above:
 >
 > No one is saying "all the problems have been solved".
 >
 > What we are saying is that "We believe the input documents have received
 > enough vetting to be used as input into a LDS WG that will then do further
 > vetting to raise the probability that the solution isn't broken under known
 > inputs and conditions."

And I am saying that I haven't yet seen evidence of this for parts of the 
signing process.

 > -- manu

peter

Received on Tuesday, 25 May 2021 14:30:25 UTC