RE: Think Piece: Key Free Trust in the Semantic Web from Jeremy Carroll on 2002-04-03 (www-rdf-interest@w3.org from April 2002)

From: Jeremy Carroll <jjc@hplb.hpl.hp.com>
Date: Wed, 3 Apr 2002 14:35:46 +0100
To: <reagle@w3.org>, <www-rdf-interest@w3.org>
Message-ID: <JAEBJCLMIFLKLOJGMELDCEIOCDAA.jjc@hplb.hpl.hp.com>

Hi Joseph,

I had a quick look through your paper and found some of it convincing, and
other bits less so.

Briefly:
  Preponderance Based Trust
     compelling - and the crucial contribution of the paper IMO.

  Key Free Trust in the Semantic Web
    I think this is mistitled.
    Aren't you really talking about the absense of a Public Key
Infrastructure ...
    AFAICS you still have lots of keys all over the place, it's just that
the traditional PKIs are replaced by a preponderance mechanism.

  Revocation
     one of the least convincing parts of the paper
      "However, there are possible solutions" hmmm



Another issue is to do with quite what is being signed or digested.
Your work on XML C14N has permitted digital signatures and digests of XML
documents.

You talk about digesting RDF statements, but really we are interested in
digesting sets of RDF statements, i.e. graphs. If these graphs have blank
(anonymous) nodes then we have difficulties.

For an RDF graph currently has no canonical serialization. When considering
blank nodes, the RDF graph canonicalisation problem appears to be Graph
Isomorphism complete and is hence much harder than the XML canonicalization
problem.

(See my
http://www.hpl.hp.com/techreports/2001/HPL-2001-293.html
for discussion about relationship between the graph isomorphism problem and
RDF graphs.
See my
http://www.hpl.hp.com/techreports/2001/HPL-2001-294.html
for discussion about serializing an RDF graph).

Hope this helps a promising line of enquiry.

Jeremy






> -----Original Message-----
> From: www-rdf-interest-request@w3.org
> [mailto:www-rdf-interest-request@w3.org]On Behalf Of Joseph Reagle
> Sent: 02 April 2002 19:57
> To: www-rdf-interest@w3.org
> Subject: Think Piece: Key Free Trust in the Semantic Web
>
>
>
> Comments and suggestions are welcome!
>
> http://www.w3.org/2002/03/key-free-trust.html
>
> Key Free Trust in the Semantic Web
>
>  Does Google Show How the Semantic Web
>  Could Replace Public Key Infrastructure?
>
>  Joseph M. Reagle Jr., <reagle@w3.org>
>
>  Abstract
>
>  This document briefly introduces the topic of trusted semantic web
> applications that do not require the existence of an complex public key
> infrastructure. It derives from a discussion with Tim
> Berners-Lee, but I'm
> solely responsible for any errors. Furthermore, it's an early
> draft and I'm
> probably confused about innumerable things
>
>

Received on Wednesday, 3 April 2002 08:35:57 UTC