Copyright © 2010-2011 W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C liability, trademark and document use rules apply.
Ontology for Certificates and crypto stuff.
This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at http://www.w3.org/TR/.
This document is produced from work by the W3C WebID Incubator Group. This is an internal draft document and may not even end up being officially published. It may also be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress. The source code for this document is available at the following URI: https://dvcs.w3.org/hg/WebIDThis document was published by the WebID XG as an Editor's Draft. If you wish to make comments regarding this document, please send them to public-xg-webid@w3.org (subscribe, archives). All feedback is welcome.
Publication as a Editor's Draft does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.
This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.
An a-z index of Cert Ontology terms, by class (categories or types) and by property.
Classes: Certificate | PGPCertificate | PrivateKey | PublicKey | RSAKey | RSAPublicKey | Signature | X509Certificate
Properties: exponent | identity | key | modulus | privateExponent
Datatypes: hex
The evolution of the Cert Ontology is best considered in terms of the stability of individual vocabulary terms, rather than the specification as a whole. As terms stabilise in usage and documentation, they progress through the categories 'unstable', 'testing' and 'stable'. Older terms are marked 'archaic' which allows the possibility of older forms to become modern again.
@prefix : <http://www.w3.org/ns/auth/cert#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
@prefix bob: <https://bob.example/profile#> .
@prefix rdfs: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
bob:me a foaf:Person;
foaf:name "Bob";
:key [ a :RSAPublicKey;
rdfs:label "made on 23 November 2011 on my laptop";
:modulus "00cb24ed85d64d794b69c701c186acc059501e856000f661c93204d8380e07191c5c8b368d2ac32a428acb970398664368dc2a867320220f755e99ca2eecdae62e8d15fb58e1b76ae59cb7ace8838394d59e7250b449176e51a494951a1c366c6217d8768d682dde78dd4d55e613f8839cf275d4c8403743e7862601f3c49a6366e12bb8f498262c3c77de19bce40b32f89ae62c3780f5b6275be337e2b3153ae2ba72a9975ae71ab724649497066b660fcf774b7543d980952d2e8586200eda4158b014e75465d91ecf93efc7ac170c11fc7246fc6ded79c37780000ac4e079f671fd4f207ad770809e0e2d7b0ef5493befe73544d8e1be3dddb52455c61391a1"^^xsd:hexBinary;
:exponent 65537 ;
] .
The Cert Ontology introduces the following classes and properties. There is a link at the top of this document to the RDF/XML and RDF/N3 versions.
Classes: Certificate | PGPCertificate | PrivateKey | PublicKey | RSAKey | RSAPublicKey | Signature | X509Certificate
Properties: exponent | identity | key | modulus | privateExponent
Datatypes: hex
[#] [back to top]
[#] [back to top]
[#] [back to top]
[#] [back to top]
[#] [back to top]
[#] [back to top]
[#] [back to top]
[#] [back to top]
[#] [back to top]
[#] [back to top]
The modulus of an RSA public and private key. Or the modulus of a DSA Key. The modulus is encoded as a hex binary. The binary is the same as the one encoded in the XML DSIG CryptoBinary
This specification defines the ds:CryptoBinary simple type for representing arbitrary-length integers (e.g. "bignums") in XML as octet strings. The integer value is first converted to a "big endian" bitstring. The bitstring is then padded with leading zero bits so that the total number of bits == 0 mod 8 (so that there are an integral number of octets). If the bitstring contains entire leading octets that are zero, these are removed (so the high-order octet is always non-zero).
The only difference is that the octet string is then encoded using either xsd:base64Binary or xsd:hexBinary. Currently for all usages of this relation, the xsd:hexBinary datatype should be used until the SPARQL working group specifies specifies in its D-Entailment that those two types are equivalent.
It would have been better had there been a hexInteger datatype that was standard and supported by all tools.
[#] [back to top]
[#] [back to top]
[#] [back to top]
An encoding of a positive integer (from 0 to infinity) as a hexadecimal string that makes it easy to read and/or fun to present on the web.
The purpose of this way of representing hexadecimals is to enable users to copy and paste hexadecimal notations as shown by most browsers, keychains or tools such as opensso, into their rdf representation of choice. There are a wide variety of ways in which such strings can be presented. One finds the following:
e1 dc d5 e1 00 8f 21 5e d5 cc 7c 7e c4 9c ad 86 64 aa dc 29 f2 8d d9 56 7f 31 b6 bd 1b fd b8 ee 51 0d 3c 84 59 a2 45 d2 13 59 2a 14 82 1a 0f 6e d3 d1 4a 2d a9 4c 7e db 90 07 fc f1 8d a3 8e 38 25 21 0a 32 c1 95 31 3c ba 56 cc 17 45 87 e1 eb fd 9f 0f 82 16 67 9f 67 fa 91 e4 0d 55 4e 52 c0 66 64 2f fe 98 8f ae f8 96 21 5e ea 38 9e 5c 4f 27 e2 48 ca ca f2 90 23 ad 99 4b cc 38 32 6d bf
Or the same as the above, with ':' instead of spaces. We can't guarantee that these are the only ways such tools will present hexadecimals, so we are very lax.
The letters can be uppercase or lowercase, or mixed.
Some strings may start with initial 00's, and can be stripped in this notation as they often are. Doing this could, in complement of 2 notation turn a positive number into a negative one, if the first hexadecimal character happens to be one of the set {'8', '9', 'a', 'A', 'b', 'B', 'c', 'C', 'd', 'D', 'e', 'E', 'f', 'F'} . As we interpret this string as a hexadecimal number leading 00s are not important (Complement of 2 notation and hexadecimal overlap for positive numbers)
In order to make this fun, we allow any unicode characters in the string. A parser should
This will allow people to make an ascii - better yet a UTF-8 - picture of their public key when publishing it on the web.
Cert hex is also a datatype property because we used to write it out like this
[] a rsa:RSAPublicKey;
rsa:public_exponent [ cert:hex "e1 dc d5 ..."]
The above notation is now deprecated. Now we prefer the literal format below.
[] a rsa:RSAPublicKey;
rsa:public_exponent "e1 dc d5 ..."^^cert:hex .
This relation should slowly be transited to just being a datatype.
Being a datatype and a property is legal as explained here on the semantic web mailing list in March 2010. But it may be somewhat confusing, especially if it goes against a pattern - still to be set - by the xsd datatypes as the follow up email makes clear.
[#] [back to top]
The following people have been instrumental in providing thoughts, feedback, reviews, criticism and input in the creation of this specification: