W3C home > Mailing lists > Public > www-archive@w3.org > March 2004

Re: Named graphs etc

From: Patrick Stickler <patrick.stickler@nokia.com>
Date: Mon, 15 Mar 2004 11:21:09 +0200
Message-Id: <189CD6FD-7662-11D8-A56E-000A95EAFCEA@nokia.com>
Cc: Dan Brickley <danbri@w3.org>, www-archive@w3.org, Pat Hayes <phayes@ihmc.us>, Chris Bizer <chris@bizer.de>
To: "ext Jeremy Carroll" <jjc@hplb.hpl.hp.com>


On Mar 12, 2004, at 23:14, ext Jeremy Carroll wrote:

>
>
> Dan Brickley wrote:
>
>> Just to de-lurk, yes this all makes sense. One technique that I 
>> believe to be deployable (even if a pragmatic hack) is PGP signing 
>> RDF files.
>> For eg see http://usefulinc.com/foaf/signingFoafFiles
>> PGP only assures that the file hasn't been changed since the signer 
>> interacted with it, doesn't assure that the signer asserts it. My 
>> working guess is that, if the doc itself claims that the signer is 
>> its creator, that is enough to bootstrap the claim that the signer 
>> asserts
>> the triples encoded in the rdf/xml.


Again, I think it's very important to keep separate the authenticity of
a graph from the intended usage of the graph by the 
owner/creator/publisher.

Just because a graph is signed, should not mean that it is explicitly
asserted (even if lots of agents might presume that it is).

Per my examples of conditional assertion, there can (and I expect will) 
be
lots of use cases where authenticity is important for non-asserted or
conditionally asserted graphs.

If we're introducing new machinery to address these issues, then there
is no justification for blurring distinctions that are/could be
significant just to have maximal reuse of existing machinery.

>> Potentially tenuous but I can't
>> think of how else to roll this stuff out...
>> Dan
>
> My guess is that with only a little bit of common practice to that 
> effect, that this would stand up in a court of law. A digital 
> signature is a pretty heavy duty device and is already understood as 
> the analog of a written signature - and if the RDF stacks up as saying 
> affirmed by Jeremy and I have digitally signed it as Jeremy, I think I 
> would have a hard time trying to repudiate it.
>

I agree. If there was an explicit claim of assertion. If there was only
a signature, then IMO all that would constitute is a test of origin
of the statements, not whether they reflect asserted claims.

I may sign my name on the inner jacket of a book, but that doesn't
mean I am asserting the claims made in the book -- only that I am
wishing to indicate ownership of the (copy of the) book.

If, however, I were to write "I affirm the claims expressed in this
book." above the signature, then that would be a different matter.

Origin of published content and assertion of claims (truth) are two
different things, and our machinery should capture that distinction.

> Jeremy (not digitally signed, not affirmed, take it or leave it!)

Likewise ;-)

Patrick


>
>
>
>

--

Patrick Stickler
Nokia, Finland
patrick.stickler@nokia.com
Received on Monday, 15 March 2004 04:21:34 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:32:25 UTC