- From: Jon Hanna <jon@spin.ie>
- Date: Mon, 28 Jul 2003 18:39:23 +0100
- To: <www-rdf-interest@w3.org>
> A simple problem with this is: I can make an HTML page and publish it at > uri1. Additionally I can state (maybe in metadata inside the page) that > uri1 owl:sameAs <http://www.w3.org/>. > > If your browser retrieves this page through HTTP, it can conclude that > uri1 *really* is owl:sameAs <http://www.w3.org/>. Why? Because the > person who owns that URI (me) has made a statement to that effect. > > Even if everything that I claim about the resource identified by both > uri1 and <http://www.w3.org/> is in fact not true, that doesn't change > the fact that the two URIs identify the same resource; as the owner of > uri1, I can state that axomiatically, which makes it true... > > Therefore, following your logic, your browser could serve *anything* I > put up at uri1 when you ask it for <http://www.w3.org/>. (If > <http://www.w3.org/> denotes a web page, that's not a problem; I can > still create another URI to denote the same web page!) Who do you know? Who do you trust? Who said what? uri1Owner says uri1 is the same as w3.org. Do I trust uri1Owner? Even if I do, do I trust what uri1Owner has to say about w3.org (I may consider him honest but misinformed). Let's say dereferencing uri1 gives us the document: <html>W3.org is full of rubbish</html> It isn't valid HTML, but then is the author of the above going to care about valid HTML :) Well, say I don't agree with uri1Owner. I can put something on the web (semantic or otherwise) that says so: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><title>My opinions of uri1Owner</title></head> <body><p>I don't agree with uri1Owner's opinions of w3.org</p></body> </html> I of course make my XHTML valid... This is all part and parcel of the way the web works and the freedom of speech which most of us enjoy to varying degrees depending on jurisdiction and ability to hire good lawyers. On the semantic web we are going to have the same freedom. It's pretty much impossible to prevent us having that freedom through technological means (and I sure as hell don't want to try to explain all this to my lawyer, as relatively l33t as she may be). For security reasons software dealing with this stuff should generally assume that most people are malicious and the rest are idiots as far as possible. To accept the identification of uri1 and http://www.w3.org/ I'm going to want either to be told this by somebody I trust, or at the very least be told this by both uri1Owner and the W3C (I would take the W3Cs word for it that what I can retrieve from uri1 is a valid representation of http://www.w3.org/, but not the inverse). Even in this case I would retry the URI I was given after the information on the identification of the same resource by the two URIs became stale. Existing mechanisms should be enough to prevent a security issue. > When clicking on the link, in the tradition of Web pages I'd still > expect to be taken to the Web page that the person of the link referred > me to, not to some other description of the same person. > > I think that this is described well by what Peter said-- when I make the > link in HTML, it not only represents a resource, but also gives a > particular point of view on that resource (in Peter's terms, an > intension). Yes, But that is application defined. If I opened up dirtDigger2.0[1] and fire in an email address I *want* lots of "I hate these people" style representations. Applications always provide there own semantics on top of whatever data is worked on. Some SemWeb applications might deliberately attempt to provide as little semantics of there own for obvious reasons, but in that case the user should be aware of this, and able to deal with the representations retrieved in an appropriate manner. In the case of simple link transversal, if there is information available that says that the URI in question (URI1) identifies the same resource as another (URI2) then: 1. There is no need to look at this information if dereferencing URI1 works in and of itself. Since this involves trusting at least one less principal than dereferencing URI2 this should be tried first. 2. Use of the triple linking the two URIs is an operation involving retrieved resources, as such security policies must be applied to the operation the same as any such operation on the web today. Generally this will result in our either trusting the link between the two URIs, not trusting it, or prompting the user as to whether we should trust it. This operation may be simple, may involve a complicated distributed trust system, or somewhere in between. 3. Use of the triple should be clear. Semantics should always be reflected back to the user in a meaningful way, in this case a message similar to that some browsers will display when moving between HTTP and HTTPS could be useful. The two URIs identifying the same resource isn't the issue, the assertion that they do so is, and the security implications of this must be dealt with similarly to any other assertions. [1] Is the phrase "digging dirt" internationally recognised, or am I using a colloquialism, anyway it means finding out scandalous information about someone.
Received on Monday, 28 July 2003 13:36:12 UTC