[rdfweb-dev] IM URIs

Dan Brickley danbri at w3.org
Sat Aug 2 11:05:54 UTC 2003


* Bill Kearney <wkearney99 at hotmail.com> [2003-08-02 06:20-0400]
[handy explanation snipped]
> What I'm *really* sensing here is we need some reliable universal way to swap
> data publicly that's been hashed or otherwise obfuscated that allows our
> software to untangle all this.  As in, use a group resource of some kind that
> understands the private hashes and helps act as an intermediary between you and
> the resource to with you want to connect.  A server that, when you give it a
> hash and it authenticates you, can either tell you the real address or sends
> some sort of notification to the intended recipient that expresses your
> interest.
> 
> The question then becomes is how to do we effectively markup that we're using
> hashed values and those values can be resolved via a 'known' mechanism of some
> kind?

My hunch is that it is probably time to take a more careful look at 
the XML Encryption and XML Signature work,
http://www.w3.org/Encryption/2001/
http://www.w3.org/Signature/

While a few of us have been looking at the use of PGP to sign or encrypt 
entire RDF/XML documents (FOAFbot notably supporting signatures), the 
use of XML Enryption promises a more fine-grained facility. If I understand 
correctly, it would give us a way of having chunks of signed or 
encrypted data as markup within a larger RDF/XML document. It's a while since 
I looked at those specs.

http://www.w3.org/Encryption/2001/#Code suggests that there is some code 
available, and I'd also suspect there ought to be some way of piggybacking
off of PGP/GPG to do similar things.

The XML Encryption page points to 
http://www-106.ibm.com/developerworks/xml/library/s-xmlsec.html/index.html
as a tutorial/intro, maybe that'll be a good place to start?

Dan



More information about the foaf-dev mailing list