[rdfweb-dev] Which Person wrote this FOAF?
Bill Kearney
wkearney99 at hotmail.com
Tue Jul 29 22:07:57 UTC 2003
> To have such a construct would probably be a bad idea. There will never
> be guaranteed one source of information about anyone -- this is how the
> web works
No, this is not how the web works. If I'm the owner of www.example.com domain
it can reasonably assumed I "own" things referencing that domain. More so when
resources can be retrieved from said domain. Further cemented by being able to
use PKI to digitally verify it.
> and a fundamental assumption of FOAF -- so to codify such an
> expectation in the vocabulary is either: (a) incorrect, if foaf:file
> implies a 1:1 authoritativeness, or (b) redundant, if you don't imply a
> 1:1 relationship, you don't get any more than seeAlso gives you.
> It's also eminently fakeable. I could start littering the interweb with
> foaf:file statements for somebody else, pointing to files of my own
> invention.
>
> In short: foaf:file would tend to give false assurances that consuming
> software really can't support.
In that example, yes. But in the sense that multiple mechanisms ought to be
used to establish authenticity it's not unreasonable.
> > It could be used in statements about statements (i.e.
> > to say this info came from Foo's foaf file).
>
> Well, we can already record the URL we found the information at. If
> there's a foaf:maker or foaf:made property connected to that URL, we can
> record (unverified) author information. And if a verifiable digital
> signature is in place, we can then make a trust decision on that
> information, based on how much we trust the key we have for that person.
> I agree on this importance, but it does not necessitate creating
> something like a "foaf:file" term. maker, made and dig sigs can get us
> pretty far on in that.
+1 on Dsig and pki.
-Bill Kearney
More information about the foaf-dev
mailing list