- From: Joseph M. Reagle Jr. (W3C) <reagle@w3.org>
- Date: Wed, 07 Apr 1999 17:22:48 -0400
- To: "John Boyer" <jboyer@uwi.com>
- Cc: <rdbrown@globeset.com>, "Dsig group" <w3c-xml-sig-ws@w3.org>
At 02:02 PM 4/7/99 -0700, John Boyer wrote:
>Actually, you are not pushing too far here at all. This is a real and
>sticky issue-- a Pandora's Box, if you will. ...
>In legal circles, it is of value to demonstrate 'best effort' in proving
the
>authenticity and authorization of a transaction. Signed XML can guarantee
>these things in any context short of assuming that the software used by the
>signer was 'unauthorized' by the manufacturer but was instead modified
>specifically to trick the signer....
>This, of course, is where signed XML stops and signed code starts.
Just as an aside, I think your analysis is quite accurate, we will have to
exercise some degree of discipline so as to not fall into a semantic
rat-hole. (I'm just waiting for a contention to be addressed by someone
saying, "You're just playing semantics... <smile>).
For those interested, last year, I looked at some of the WG consensus,
policy, and legal issues associated with schema design, and ended up
focussing the whole paper on semantics, in a way sometimes parrallel to your
text above. [1] This isn't just an issue common to signed-XML though,
signed-XML just prompts the issue in the most explicit way.
Eskimo Snow and Scottish Rain: Legal Considerations of Schema Design
[1] http://cyber.law.harvard.edu/people/reagle/md-policy-design-19990206.html
I've already described the benefits of syntactic
interoperability: any application can understand the
structure of a document the first time it encounters it.
Semantic interoperability gives us more. It allows us
to take the semantics that associate invoking a
payment application from a <purchase> tag and
understand and share that as well. Whereas no one
conceived of online grocery shopping, my agent
might already be familiar with recipes, as well as
buying computer parts, there is no reason it can't buy
ingredients (recipe parts) on-line! The more meaning
(how to agree, how to invoke, how to buy) we
capture in computer understandable schemas, the
more they will be able to help us. The authors of
[CKR98] described this characteristic well:
And yet the ability to combine resources
that were developed independently is an
essential survival property of technology in
a distributed information system.... In his
keynote address at Seybold San Francisco
[Berners-Lee, 1996], Tim Berners-Lee
called this powerful notion "intercreativity".
Presently, the most reasonable way to define
operations and methods as part of a schema is to
rely upon Remote Procedure Calls, object oriented
network repositories, or computer languages like
Java. How these might be best integrated into syntax
and other semantic definition languages is an
ongoing area of research.
___________________________________________________________
Joseph Reagle Jr. W3C: http://www.w3.org/People/Reagle/
Policy Analyst Personal: http://web.mit.edu/reagle/www/
mailto:reagle@w3.org
Received on Wednesday, 7 April 1999 17:23:05 UTC