iand at internetalchemy.org
Mon Feb 9 10:20:40 UTC 2004
Dan Brickley said:
> Yes, I think that'd be a good practice to encourage. For a large service
> to start doing this... it might force us to get a bit clearer on the
> semantics of data signing. Is the signer asserting the published content
> to be a true description of the world? Or just noting the content-hash
> for the version they published, so folks can be clear if it has been
> subsequently interfered with. I believe the latter, but we ought to be
I think the signature can only be used to prove authorship of the signed
content and that the content is unchanged. The author here is anyone with
access to the signing private key so it could be one or more agents.
I don't think there is any way to assert truth in data alone. The truth of
a statement is subjective.
More information about the foaf-dev