- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Fri, 25 Jun 1999 16:04:37 -0400
- To: "Winchel 'Todd' Vincent, III" <Winchel@mindspring.com>
- Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
At 03:15 PM 6/24/99 -0400, Winchel 'Todd' Vincent, III wrote: >So, while the digital signature give us pretty good assurance that the bits >and bytes have not been altered, this assurance is not exactly what we're >after -- what we really want is to make sure the meaning has not changed -- >i.e., that we have credible evidence. OIDS and URIs don't solve this problem in and of themselves. They merely make a resource addressable, and provide a useful hook for accessing/hanging semantics, including external meaning that is material to the original content. You have to do one of two things depending on what you want: 1. If you want that meaning to be available/assured with the same level of availability/assuredness of the content, it makes sense to make an institutional/policy commitment [2:Axiom 2b] to credibly preserve it (by inline expansion, packaging, caching or some such thing.) 2. If you want to detect if the meaning changed, you can include a hash of the resource next to the URI in the manifest. (lighter weight) Regardless, these only solve the problem for the person signing the document: making sure that other stuff didn't change. It doesn't solve the problem of meaning before a third party, like a court. Say I have a document.A, that references an external document.B that I don't control. Even if I include it in a package with my document and sign both, that merely means I'm asserting that document.B was at that URI. Maybe I'm lying and included a document not at the given URI but one of my own choosing! Similar to a real contract, all semantics need some level of independent third party verifiability. Schema designers might very well end up registering/time-stamping their schema at a reputable third party for such purposes. >The solution to this problem is to make Schema B unambiguous and set the >unambiguity in time. >me that application developers are largely ignoring OIDs. I was very >surprised to find that the Namespace Recommendation did not require URI to >be unique. I'm having difficulty understanding what "uniqueness" has to do with this. [1,2] [1] http://www.w3.org/DesignIssues/NameMyth.html [2] http://www.w3.org/DesignIssues/Axioms.html Axiom 1: Global scope: It doesn't matter to whom or where you specify that URI, it will have the same meaning. Axiom 2a: sameness: a URI will repeatably refer to "the same" thing Axiom 2b: identity: of URIs clears up the vagueness of 2a and is that the significance of identity for a given URI is determined by the person who owns the URI, who first determined what it points to. _________________________________________________________ Joseph Reagle Jr. Policy Analyst mailto:reagle@w3.org XML-Signature Co-Chair http://w3.org/People/Reagle/
Received on Friday, 25 June 1999 16:04:33 UTC