- From: Graham Klyne <GK@ninebynine.org>
- Date: Wed, 03 Apr 2002 20:18:10 +0100
- To: "Jeremy Carroll" <jjc@hplb.hpl.hp.com>
- Cc: <reagle@w3.org>, <www-rdf-interest@w3.org>

Hi Jeremy,

I, too, found Joseph's paper interesting.

Taking your point about keys: I find that cryptosystems (possibly including PKI) are a useful way of _transferring_ or _conveying_ trust (under certain assumptions), but are singularly unhelpful for _establishing_ trust.

On the matter of _what_ is signed, I have for some time felt that signing an RDF graph is a fairly meaningless, or at least not very helpful, concept. Signing a particular representation (serialization) of a graph seems to me to be enough to convey some notion of trust in the statements of the graph thus represented. In real-world signatures, it isn't the words in a contract that we sign, but (typically) a particular paper-based rendering -- I would apply the same principles to bit-based renderings.

(For me, basing security on C14N is rather suspect, because C14N seems to be such a difficult target to pin down -- the fact that it may be possible for digital representations doesn't necessarily make it a good approach.)

#g
--

At 02:35 PM 4/3/02 +0100, Jeremy Carroll wrote:
>Hi Joseph,
>
>I had a quick look through your paper and found some of it convincing, and
>other bits less so.
>
>Briefly:
>   Preponderance Based Trust
>      compelling - and the crucial contribution of the paper IMO.
>
>   Key Free Trust in the Semantic Web
>      I think this is mistitled.
>      Aren't you really talking about the absence of a Public Key
>Infrastructure ...
>      AFAICS you still have lots of keys all over the place, it's just that
>the traditional PKIs are replaced by a preponderance mechanism.
>
>   Revocation
>      one of the least convincing parts of the paper
>      "However, there are possible solutions" hmmm
>
>
>
>Another issue is to do with quite what is being signed or digested.
>Your work on XML C14N has permitted digital signatures and digests of XML
>documents.
>
>You talk about digesting RDF statements, but really we are interested in
>digesting sets of RDF statements, i.e. graphs.
>If these graphs have blank
>(anonymous) nodes then we have difficulties.
>
>For an RDF graph currently has no canonical serialization. When considering
>blank nodes, the RDF graph canonicalisation problem appears to be Graph
>Isomorphism complete and is hence much harder than the XML canonicalization
>problem.
>
>(See my
>http://www.hpl.hp.com/techreports/2001/HPL-2001-293.html
>for discussion about relationship between the graph isomorphism problem and
>RDF graphs.
>See my
>http://www.hpl.hp.com/techreports/2001/HPL-2001-294.html
>for discussion about serializing an RDF graph).
>
>Hope this helps a promising line of enquiry.
>
>Jeremy

-------------------
Graham Klyne
<GK@NineByNine.org>

Received on Wednesday, 3 April 2002 14:20:43 UTC
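
The difference between digesting one serialization and digesting the graph it represents, as an added example that is not part of either message: two renderings of the same graph give different byte digests, sorting the statements does not help once blank node labels differ, and deciding equality then needs a search over label mappings. The simplified N-Triples-style parser, the example.org vocabulary, the choice of SHA-256 and all sample data are assumptions constructed for illustration.

```python
import hashlib
from itertools import permutations

# Constructed sample data: the same three-statement graph serialized twice,
# with different statement order and different blank node labels.
DOC_A = """_:x <http://example.org/knows> _:y .
_:x <http://example.org/name> "Alice" .
_:y <http://example.org/name> "Bob" ."""
DOC_B = """_:n2 <http://example.org/name> "Bob" .
_:n1 <http://example.org/name> "Alice" .
_:n1 <http://example.org/knows> _:n2 ."""
# Constructed: direction of "knows" reversed, so a genuinely different graph.
DOC_T = DOC_B.replace("_:n1 <http://example.org/knows> _:n2",
                      "_:n2 <http://example.org/knows> _:n1")

def parse(doc):
    """Parse simple N-Triples-style lines into a set of (s, p, o) tuples."""
    return {tuple(line.strip().rstrip(" .").split(None, 2))
            for line in doc.splitlines() if line.strip()}

def digest_bytes(doc):
    """Digest of one particular serialization, byte for byte."""
    return hashlib.sha256(doc.encode("utf-8")).hexdigest()

def digest_sorted(triples):
    """Naive 'canonical' digest: sort the statements, keep labels as given."""
    return digest_bytes("\n".join(sorted(" ".join(t) + " ." for t in triples)))

def blank_nodes(triples):
    return sorted({x for s, _, o in triples for x in (s, o) if x.startswith("_:")})

def isomorphic(g1, g2):
    """Brute-force graph equality up to blank node renaming (n! mappings)."""
    b1, b2 = blank_nodes(g1), blank_nodes(g2)
    if len(g1) != len(g2) or len(b1) != len(b2):
        return False
    for perm in permutations(b2):
        m = dict(zip(b1, perm))
        if {(m.get(s, s), p, m.get(o, o)) for s, p, o in g1} == g2:
            return True
    return False

if __name__ == "__main__":
    a, b, t = parse(DOC_A), parse(DOC_B), parse(DOC_T)
    print("byte digests equal:  ", digest_bytes(DOC_A) == digest_bytes(DOC_B))
    print("sorted digests equal:", digest_sorted(a) == digest_sorted(b))
    print("A isomorphic to B:   ", isomorphic(a, b))
    print("A isomorphic to T:   ", isomorphic(a, t))
```

A signature over the bytes of `DOC_A` verifies only against those exact bytes; a verifier holding `DOC_B` has to either obtain the signed rendering or solve the label-matching problem first.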