- From: Sandro Hawke <sandro@w3.org>
- Date: Sun, 10 Jun 2001 04:21:31 -0400
- To: "Larry Masinter" <lmnet@attglobal.net>
- Cc: www-rdf-logic@w3.org
> I'm not sure if this actually belong on www-rdf-logic,
> but I'm not sure where it does belong. So I guess I'll reply
> privately for now.
Sorry - I don't think I saw this message before - it got spooled on a
relay machine for some reason, and I just noticed it. I'm replying
cc'd the list again, because it seems relevant again.
> # You're right about tags. They are strings which can be used as
> # identifiers rather than being somehow identifiers by their nature.
> # The degree to which they denote something and the manner in which that
> # denotation is fixed or communicated is up to the person minting the
> # tag (and the people it gets sent to).
>
> In what way does the person minting the tag have any more a
> say than anyone else? What's to stop me from making assertions
> about tag:sandro@w3.org/1:my-dog, and why should Tim believe
> your assertions more than mine?
I think this is a facinating question.
I don't see tags providing any security -- I imagine the minter is
special only in that he knows who he is. This seems very useful in a
cooperative setting, and it's possible it's enough in a setting where
we have a working web of trust.
We need some good security use cases (threat models).
Have you followed the recent rdf-logic discussion about definitions
(T-Box) vs. assertions (A-Box) ? It seems relevant, but I can't
figure out how to apply it. When should my software should care
whether an assertion is "definitional"? All that matters is which
assertions come from sources I trust. I can see some human
convenience in the distinction, akin to Benjamin Grosof's Courteous
Logic, where one set of assertions holds only if it doesn't contradict
another set, but expressions in that logic can be mechanically
rewritten in ordinary logic, as I recall.
The only way I can imagine the identifiers themselves providing
security is if they are public keys. Specifically, I could identify
something as
defined-by-rsa-signed-with:1024,37,134103534205324523832714424519244279143189395408299010176674702035963444729570861198889177188642810494908188558990767297168036176671640115388612980176071562566786491390386203043577584819624249785468549339590181945782164773569504243700254919530830897472147861845443912990635439552471139753389584849076715163177,my-dog-taiko
and now we can say assertions signed with that public key are to be
considered definitional (for whatever good that might do us).
Obviously the other approach is to leverage off the web infrastructure
and use an identifier which includes a URI which one can use to lookup
some current definitional information. What's your favorite way to do
this?
http://www.hawke.org/#Taiko html page fragment id [eek!]
http://www.hawke.org/defs#Taiko rdf page mentioning Taiko
http://www.hawke.org/defsdir/Taiko rdf page all about Taiko
signified:Taiko,http://www.hawke.org/ re: html page about Taiko
This last one has come up several times before, and I still like it,
although I'm not sure what the scheme name should be. Its an
interesting excersize to try these with data: URI's instead of http:
ones, too.
-- sandro
Received on Sunday, 10 June 2001 04:21:49 UTC