- From: Patrick Stickler <patrick.stickler@nokia.com>
- Date: Mon, 15 Mar 2004 11:32:11 +0200
- To: "ext Pat Hayes" <phayes@ihmc.us>
- Cc: Dan Brickley <danbri@w3.org>, www-archive@w3.org, Chris Bizer <chris@bizer.de>, Jeremy Carroll <jjc@hplb.hpl.hp.com>
On Mar 13, 2004, at 04:37, ext Pat Hayes wrote: > >> Dan Brickley wrote: >> >>> Just to de-lurk, yes this all makes sense. One technique that I >>> believe to be deployable (even if a pragmatic hack) is PGP signing >>> RDF files. >>> For eg see http://usefulinc.com/foaf/signingFoafFiles >>> >>> PGP only assures that the file hasn't been changed since the signer >>> interacted with it, doesn't assure that the signer asserts it. My >>> working guess is that, if the doc itself claims that the signer is >>> its creator, that is enough to bootstrap the claim that the signer >>> asserts >>> the triples encoded in the rdf/xml. Potentially tenuous but I can't >>> think of how else to roll this stuff out... >>> >>> Dan >>> >> >> My guess is that with only a little bit of common practice to that >> effect, that this would stand up in a court of law. A digital >> signature is a pretty heavy duty device and is already understood as >> the analog of a written signature - and if the RDF stacks up as >> saying affirmed by Jeremy and I have digitally signed it as Jeremy, I >> think I would have a hard time trying to repudiate it. >> >> Jeremy (not digitally signed, not affirmed, take it or leave it!) > > Just to prove Patrick wrong, I hereby assert the contents of the above > emails. You've not proved me wrong. You've proved what you have misunderstood me to be proposing to be wrong, and I agree ;-) What I'm *actually* proposing, is fully compatible with the above. (a) Jeremy did not explicitly assert his graph (let's pretend the emails are graphs ;-) (b) Dan did not explicitly assert his graph (c) You explicitly asserted Jeremy's and Dan's graphs (d) You did not explicly assert your own graph (oops! ;-) Thus, we have no way to be sure if *any* of the graphs are asserted, since we can't know if your graph is asserted, which would then assert the other graphs. Furthermore, even if you had explicitly asserted your graph, we would still need that extra-RDF mechanism to allow your graph to be deemed to be asserted, and thus to then assert the other graphs. We also could have a very strict trust policy that would disregard third party assertions, taking as asserted only graphs which have first party assertions. > > Pat > > PS. Jeremy, surely you knew what you were doing when you formed a > group with two people named 'Patrick' in it? Right? Anyone who would collaborate with the two of us, Pat, surely is a hard-core masochist! ;-) Patrick -- Patrick Stickler Nokia, Finland patrick.stickler@nokia.com
Received on Monday, 15 March 2004 04:32:48 UTC