digitalsignature-brainstorming: Difference between revisions

From Microformats Wiki
Jump to navigation Jump to search
(moved content to its own page, this page is for brainstorming/ examples)
(Getting Discussion started)
Line 1: Line 1:
<h1>Digital Signatures</h1>
<h1>Digital Signatures Brainstorming</h1>
 
== Henrich Poehls ==


I would like to start discussing the possibility of digitally signing Microformatted content.  
I would like to start discussing the possibility of digitally signing Microformatted content.  
Line 6: Line 8:


This is part of ongoing research aiming to protect content, especially content that has been made machine-readable through the use of semantic annotations. I have plenty of ideas and further use cases.
This is part of ongoing research aiming to protect content, especially content that has been made machine-readable through the use of semantic annotations. I have plenty of ideas and further use cases.
* Why a new Microformat?
I think signing a "Microformat" (aka Microformatted Content) shall be possible within "Microformats" (so itself a microformat). Such as XML can be signed and the Signature stored in XML as well.
* Why signing Microformatted content?
Microformats facilitate reuse of semantically annotated content. It allows services and applications to cut&paste, convert, re-publish, link-to, cite Microformatted content. In any of these cases it might be interesting to see who the original author was. Additionally viewers want to verify authorship. Digital Signatures offer just this, Origin-Authentication.
* Why use digital signatures and not some [http://microformats.org/discuss/mail/microformats-discuss/2007-January/thread.html#8265 "Trace-Back-Mechanism"] 
Trace-back allows to find a "bigger", more complete version of Microformatted content. Trace-back only verifies that the pointer used for trace-back is now "self referencing". Trace-back will then verify the content's source based on a URI/URL.
IMHO this is a weaker "form of authenticity" than that achieved by a digital signatures.
Also digital signatures are more versatile:
* Digital signatures add authenticity without the need to trace links back to some URL, so reduces the overhead if the content at view is "authoritative enough".
* Digital signatures allow to add authority to content that is placed on foreign URLs (e.g. Signing your whole Comment you left on a foreing Blog).


== Discussion participants ==
== Discussion participants ==

Revision as of 17:38, 15 February 2007

Digital Signatures Brainstorming

Henrich Poehls

I would like to start discussing the possibility of digitally signing Microformatted content.

A Microformat carrying a digital signature could be used in conjunction with other already defined Microformats like hcard, hcalendar or hreview. As our proposed Microformat for digital signatures is content agnostic it can be used to build compound signed Microformats from all existing and future Microformats.

This is part of ongoing research aiming to protect content, especially content that has been made machine-readable through the use of semantic annotations. I have plenty of ideas and further use cases.

  • Why a new Microformat?

I think signing a "Microformat" (aka Microformatted Content) shall be possible within "Microformats" (so itself a microformat). Such as XML can be signed and the Signature stored in XML as well.

  • Why signing Microformatted content?

Microformats facilitate reuse of semantically annotated content. It allows services and applications to cut&paste, convert, re-publish, link-to, cite Microformatted content. In any of these cases it might be interesting to see who the original author was. Additionally viewers want to verify authorship. Digital Signatures offer just this, Origin-Authentication.

Trace-back allows to find a "bigger", more complete version of Microformatted content. Trace-back only verifies that the pointer used for trace-back is now "self referencing". Trace-back will then verify the content's source based on a URI/URL.

IMHO this is a weaker "form of authenticity" than that achieved by a digital signatures.

Also digital signatures are more versatile:

  • Digital signatures add authenticity without the need to trace links back to some URL, so reduces the overhead if the content at view is "authoritative enough".
  • Digital signatures allow to add authority to content that is placed on foreign URLs (e.g. Signing your whole Comment you left on a foreing Blog).


Discussion participants

  • Henrich C. Pöhls, University of Hamburg
  • Add your name if you feel you have made significant additions to the page.

Proposal/ overview

This page is a companion to digital-signatures. Please read that page first, and then return here to discuss and post ideas/ examples.