RE: Think Piece: Key Free Trust in the Semantic Web

Hi Jeremy,

I, too, found Joseph's paper interesting.  Taking your point about keys:  I 
find that cryptosystems (possibly including PKI) are a useful way of 
_transferring_ or _conveying_ trust (under certain assumptions), but are 
singularly unhelpful for _establishing_ trust.

On the matter of _what_ is signed, I have for some time felt that signing 
an RDF graph is a fairly meaningless, or at least not very helpful, 
concept.  Signing a particular representation (serialization) of a graph 
seems to me to be enough to convey some notion of trust in the statements 
of the graph thus represented.  In real-world signatures, it isn't the 
words in a contract that we sign, but (typically) a particular paper-based 
rendering -- I would apply the same principles to bit-based 
renderings.  (For me, basing security on C14N is rather suspect, because 
C14N seems to be such a difficult target to pin down -- the fact that it 
may be possible for digital representations doesn't necessarily make it a 
good approach.)

#g
--

At 02:35 PM 4/3/02 +0100, Jeremy Carroll wrote:

>Hi Joseph,
>
>I had a quick look through your paper and found some of it convincing, and
>other bits less so.
>
>Briefly:
>   Preponderance Based Trust
>      compelling - and the crucial contribution of the paper IMO.
>
>   Key Free Trust in the Semantic Web
>     I think this is mistitled.
>     Aren't you really talking about the absence of a Public Key
>Infrastructure ...
>     AFAICS you still have lots of keys all over the place, it's just that
>the traditional PKIs are replaced by a preponderance mechanism.
>
>   Revocation
>      one of the least convincing parts of the paper
>       "However, there are possible solutions" hmmm
>
>
>
>Another issue is to do with quite what is being signed or digested.
>Your work on XML C14N has permitted digital signatures and digests of XML
>documents.
>
>You talk about digesting RDF statements, but really we are interested in
>digesting sets of RDF statements, i.e. graphs. If these graphs have blank
>(anonymous) nodes then we have difficulties.
>
>For an RDF graph currently has no canonical serialization. When considering
>blank nodes, the RDF graph canonicalisation problem appears to be Graph
>Isomorphism complete and is hence much harder than the XML canonicalization
>problem.
>
>(See my
>http://www.hpl.hp.com/techreports/2001/HPL-2001-293.html
>for discussion about relationship between the graph isomorphism problem and
>RDF graphs.
>See my
>http://www.hpl.hp.com/techreports/2001/HPL-2001-294.html
>for discussion about serializing an RDF graph).
>
>Hope this helps a promising line of enquiry.
>
>Jeremy

-------------------
Graham Klyne
<GK@NineByNine.org>

Received on Wednesday, 3 April 2002 14:20:43 UTC
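
Added example, not part of the original messages: a Python sketch of the two positions in this thread. A digest over one serialization binds to those exact bytes, while comparing the graphs themselves needs a search over blank-node relabellings. The documents, the example.org URIs and all function names are constructed for illustration, and the parser handles only simple one-line triples.

```python
import hashlib
from itertools import permutations

# Constructed sample data: one RDF graph serialized twice, with different
# statement order and different blank-node labels.
DOC_A = """\
_:a <http://example.org/knows> _:b .
_:b <http://example.org/name> "Bob" .
_:a <http://example.org/name> "Alice" .
"""
DOC_B = """\
_:x <http://example.org/name> "Bob" .
_:y <http://example.org/name> "Alice" .
_:y <http://example.org/knows> _:x .
"""

def parse(doc):
    """Parse simple one-line triples into a set of (s, p, o) tuples."""
    triples = set()
    for line in doc.splitlines():
        line = line.strip()
        if line:
            s, p, o = line.rstrip(" .").split(" ", 2)
            triples.add((s, p, o))
    return triples

def byte_digest(doc):
    """Digest of one particular serialization, byte for byte."""
    return hashlib.sha256(doc.encode("utf-8")).hexdigest()

def sorted_digest(doc):
    """Digest of sorted triples: removes ordering differences only."""
    text = "\n".join(" ".join(t) for t in sorted(parse(doc)))
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def blank_nodes(triples):
    return sorted({n for s, _, o in triples for n in (s, o) if n.startswith("_:")})

def isomorphic(g1, g2):
    """Brute-force search for a blank-node relabelling that maps g1 onto g2."""
    b1, b2 = blank_nodes(g1), blank_nodes(g2)
    if len(b1) != len(b2) or len(g1) != len(g2):
        return False
    for perm in permutations(b2):  # factorial in the number of blank nodes
        m = dict(zip(b1, perm))
        if {(m.get(s, s), p, m.get(o, o)) for s, p, o in g1} == g2:
            return True
    return False
```

Sorting the statements does not reconcile the two digests because the blank-node labels still differ; only the relabelling search recognises the two documents as the same graph.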