[foaf-protocols] The case for massive simplification and foaf:key

Henry Story henry.story at bblfish.net
Tue Sep 21 16:28:38 CEST 2010

On 21 Sep 2010, at 03:15, Kingsley Idehen wrote:

>  On 9/20/10 7:24 PM, Nathan wrote:
>> Hi All,
>> I've been discussing off-list with Melvin and various others over the
>> past few months about many future uses of webid, public keys and various
>> implications of the way we are currently doing things.
>> To start, here's the proposal:
>>   :me foaf:key "DER-formatted-public-key"^^xsd:base64Binary .
> :me foaf:publicKey "DER-formatted-public-key"^^xsd:base64Binary .
> Otherwise we just continue to overload "key" and perpetuate confusion 
> re. public and private keys re. PKI.

I think there are many good reasons to have a foaf:publicKey relation
from an Agent to a public key. 
 - it allows query engines who index only the subject to get from 
   something they know, the WebID to the key very easily.
 - it makes for a cleaner foaf file (no need for rev relations)
 - it is more intuitive than cert:identity 

Leaving aside the issue of the DER formatted public key for the moment,
as that still needs to be worked out in detail, I am in favour of
adding that to the cert ontology

cert:publicKey a rdf:Property;
    rdfs:comment """
       a relation from an agent to a public key for which he alone has 
       the private key. This public key identifies that agent, allows him
       to decrypt messages sent to him with that key, and is able to sign
       messages with it too.
    """;
    rdfs:domain foaf:Agent;
    rdfs:range cert:PublicKey .

( though I think the name can still be debated).

I am also in favour of deprecating cert:identity, which to tell the truth
I never that much liked. 

Essentially that is just the inverse of cert:identity, so I could even

cert:publicKey owl:inverseOf cert:identity .

The wot:identity relation was needed I think more because the idea was to publish.

I think I can also just delete the current 

:public_key a rdf:Property;
    vs:term_status "unstable";
    rdfs:comment """
    relates the private key to the public key component, in a public/private
    key pair.    """;    
    rdfs:domain :PrivateKey;    
    rdfs:range :PublicKey .  

Which I don't think is used at all, and which I just put there initially as
I was trying to understand the working of the ontology.

Perhaps someone has a better name for a way of relating a public key to its private key?
I could imagine that to be useful for RDF key stores.
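Added example, not from this thread or the cert ontology: a stdlib-only Python sketch of the verifier-side check that the proposed agent-to-key triple would support. It assumes the cert namespace <http://www.w3.org/ns/auth/cert#>, a PKCS#1 RSAPublicKey DER form (the thread leaves the DER details open), a constructed modulus that is not a real key, and a deliberately narrow regex in place of a real RDF parser.

```python
import base64
import hmac
import re

# Minimal DER helpers (assumed here; the thread does not fix the DER form).
def der_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def der_int(v):
    # DER INTEGER: big-endian, with a leading 0x00 when the top bit is set.
    b = v.to_bytes((v.bit_length() + 8) // 8, "big")
    return b"\x02" + der_len(len(b)) + b

def der_seq(*items):
    body = b"".join(items)
    return b"\x30" + der_len(len(body)) + body

def rsa_public_key_der(n, e):
    """PKCS#1 RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }"""
    return der_seq(der_int(n), der_int(e))

# Constructed demo modulus (not a real key); top bit set to exercise the 0x00 rule.
N, E = int("C0FFEE" * 20, 16), 65537
KEY_DER = rsa_public_key_der(N, E)

# Constructed profile in the triple shape proposed in the thread.
PROFILE = """@prefix cert: <http://www.w3.org/ns/auth/cert#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
<#me> cert:publicKey "%s"^^xsd:base64Binary .
""" % base64.b64encode(KEY_DER).decode()

# Narrow matcher for the one triple shape above; a real verifier would use an RDF parser.
TRIPLE = re.compile(r'(\S+)\s+cert:publicKey\s+"([^"]*)"\^\^xsd:base64Binary\s*\.')

def keys_in_profile(turtle):
    """Map each subject to the DER keys its profile asserts, decoded to bytes."""
    keys = {}
    for subject, b64 in TRIPLE.findall(turtle):
        # xsd:base64Binary permits whitespace; compare decoded bytes, never the text.
        der = base64.b64decode("".join(b64.split()), validate=True)
        keys.setdefault(subject, set()).add(der)
    return keys

def webid_matches(turtle, webid, presented_der):
    """True if the profile lists exactly the DER key presented in the client certificate."""
    candidates = keys_in_profile(turtle).get(webid, ())
    return any(hmac.compare_digest(k, presented_der) for k in candidates)
```

Because DER is a canonical encoding, comparing the decoded bytes is a valid equality test for the key; comparing the base64 text is not.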
