[OpenID] cryptographics web of trust

Peter Williams pwilliams at rapattoni.com
Mon Aug 20 03:44:40 UTC 2007


I believe I now have the right terminology identified -- to now outline a method applying FOAF and its RDF-reasoning to address the following open OpenID Auth security issue:-

		"Ideally, the OP-server would induce from this computation both a "forward wot path" and "reverse wot path". Each end doing a mutually-suspicious OpenID Auth run can then first rely on each other's DH key, once they done signature verification of the underlying FOAF/PGP file(s) byte streams."

The "SemWeb" RDF/SPARQL library I'm using offers sample code, shown below (abridged). It infers paths, across a graph from some domain of application. I need now to build a similar inference engine - to search out paths between foafnamed parties with FOAF files, where Person also has a foaf:openid and wot-identified relation.
 
(When the other day I talked of a SPARQL "script", I now realize I was seeking out the "inference rules" and their RDF schema, for this "Euler" reasoning strategy)
 
To get practical now, I guess I have to decide on certain FOAF files to load into one triple store, where each Person must have foaf:openid and wot-identified relations. Via one or more rounds of inference-based search, the process shall (a) determine whether there is at least one n-element path between 2 arbitrary foaf-names, (b) pull the .asc file for each path element so as to check the pubkey hash matches the PGP file, (c) PGP-sign those PGP pubkeys, storing the sigblock in the local file system, (d) sign the proof-graph for use in OpenID Auth checkid response message.
 
        BNode angers = new BNode("angers");
        BNode nantes = new BNode("nantes");
        // ... [more nodes]

        Entity oneway = new Entity("http://www.agfa.com/w3c/euler/graph.axiom#oneway");
        Entity path = new Entity("http://www.agfa.com/w3c/euler/graph.axiom#path");

        dataModel.Add(new Statement(angers, oneway, nantes));
        // ... [more paths and one-ways]

        // Inference rules: every one-way link is a path, and paths are transitive.
        string rules =
            "@prefix : <http://www.agfa.com/w3c/euler/graph.axiom#>.\n" +
            "\n" +
            "{ ?a :oneway ?b } => { ?a :path ?b } .\n" +
            "{ ?a :path ?b . ?b :path ?c . } => { ?a :path ?c } .\n";

        // Create our question - a statement to test.
        Statement question = new Statement(paris, path, nantes);

        // Create the Euler engine
        Euler engine = new Euler(new N3Reader(new StringReader(rules)));

        foreach (Proof p in engine.Prove(dataModel, new Statement[] { question })) {
            Console.WriteLine(p.ToString());
        }
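
Added example, not part of the original post and not SemWeb code: a Python sketch of steps (a) and (b) above, applying the two path rules to persons instead of cities and returning the chain as the proof. The predicate names "trusts" and "keyhash", the sample parties, and the SHA-256 digest standing in for a PGP fingerprint are all assumptions.

```python
import hashlib
from collections import deque

def key_hash(key_bytes):
    # Stand-in digest over the key bytes; a real check would compute the PGP fingerprint.
    return hashlib.sha256(key_bytes).hexdigest()

# Constructed sample data: bytes that would be fetched from each party's .asc file.
KEYS = {n: ("constructed pubkey for " + n).encode() for n in ("alice", "bob", "carol", "dave")}

# Constructed triples, as if merged from several FOAF files into one store.
# Predicate names are assumptions; "trusts" plays the role of :oneway in the rules.
TRIPLES = [
    ("alice", "foaf:openid", "https://alice.example/"),
    ("bob", "foaf:openid", "https://bob.example/"),
    ("carol", "foaf:openid", "https://carol.example/"),
    # dave publishes no foaf:openid, so he may not appear on any path
    ("alice", "trusts", "bob"), ("bob", "trusts", "carol"),
    ("carol", "trusts", "alice"), ("bob", "trusts", "dave"),
] + [(n, "keyhash", key_hash(k)) for n, k in KEYS.items()]

def objects(triples, subj, pred):
    return [o for s, p, o in triples if s == subj and p == pred]

def eligible(triples, node):
    # A party qualifies only with both an OpenID and a published key hash.
    return bool(objects(triples, node, "foaf:openid")) and bool(objects(triples, node, "keyhash"))

def find_path(triples, src, dst):
    """Shortest chain proving `src :path dst` under the two rules, or None."""
    if not (eligible(triples, src) and eligible(triples, dst)):
        return None
    queue, seen = deque([[src]]), {src}
    while queue:
        path = queue.popleft()
        for nxt in objects(triples, path[-1], "trusts"):
            if nxt in seen or not eligible(triples, nxt):
                continue
            if nxt == dst:
                return path + [nxt]
            seen.add(nxt)
            queue.append(path + [nxt])
    return None

def verify_path(triples, path, keys):
    # Step (b): every element's published hash must match the key actually fetched.
    return all(key_hash(keys[n]) in objects(triples, n, "keyhash") for n in path)

forward = find_path(TRIPLES, "alice", "carol")   # forward wot path
reverse = find_path(TRIPLES, "carol", "alice")   # reverse wot path
```

A path whose fetched key does not hash to the value published in the FOAF data fails verify_path and should be discarded before any signing in steps (c) and (d).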



