[
Lists Home |
Date Index |
Thread Index
]
Thomas B. Passin wrote:
>> How do you identify the source, associate it with the content, and
>> ensure
>> that the content hasdn't been modified? The classic way of doing
>> this is
>> with digital signatures; anyone in semweb area planning on doing
>> *anything* in this area?
>
>
> Oh, yes, it is on some people's minds. Signed rdf files would be one
> possibility, signatures that at least vouch for the supposed issuer of
> some rdf could fit in, etc., but it's still early days yet.
>
Yep, fyi, Edd Dumbill has done a little guide to PGP-signing FOAF
profiles [1]. Note the caveat:
[[
Of course, anyone can concoct a fake PGP key with your email address,
just as they can lie about who was the |dc:creator| of a file. What
makes the PGP signature useful is that PGP public keys hook into a web
of trust, so you can decide how much you trust what a person with
such-and-such a key asserts.
]]
Signing alone almost certainly isn't the whole solution, but one piece
in a greater puzzle.
Cheers,
Danny.
[1] http://usefulinc.com/foaf/signingFoafFiles
--
Raw
http://dannyayers.com
|