- From: Graham Klyne <Graham.Klyne@Baltimore.com>
- Date: Fri, 20 Jul 2001 12:54:30 +0100
- To: Brian McBride <bwm@hplb.hpl.hp.com>
- Cc: rdf core <w3c-rdfcore-wg@w3.org>
At 10:53 AM 7/20/01 +0100, Brian McBride wrote:
>I was chatting with a colleague to day and the subject of anon resources
>and provenance came up.
>
>Assume I recieve the following rdf from some source SOURCE, possibly with a
>digital signature:
>
> <rdf:Description>
> <foo:bar>foobar</foo:bar>
> </rdf:Description>
> <rdf:Description rdf:about="http://goo">
> <foo:bar><foobar</foo:bar>
> </rdf:Description>
>
>If were to represent this in my machine as:
>
> <gensym:1234> <foo:bar> "foobar" .
> <http://goo> <foo:bar> "foobar" .
>
>this is not the information that SOURCE signed - SOURCE made no assertion
>about <gensym:1234>. We'd have to be able to distinguish between the
>gensym'd URI and the 'real' one.
Some observations:
(1) A signature is applied to some particular document or data, not to the
information it contains or represents.
(2) Depending on the context in which the signature is applied, it conveys
some kind of assurance about the content of the document. It may assert
that the information represented by the document is true. It may convey
some different assurance about the document. (Joseph Reagle has some
thoughts about this: see <http://www.w3.org/TR/xmldsig-p3p-profile/>.)
(3) Ultimately, the assurance conveyed by a signature will apply, I think,
to the model theoretic interpretation of the information (in which, I
assert, genid's and other identifying forms will not generally be present).
#g
------------------------------------------------------------
Graham Klyne Baltimore Technologies
Strategic Research Content Security Group
<Graham.Klyne@Baltimore.com> <http://www.mimesweeper.com>
<http://www.baltimore.com>
------------------------------------------------------------
Received on Friday, 20 July 2001 08:01:26 UTC