You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@clerezza.apache.org by re...@apache.org on 2010/08/10 12:24:02 UTC
svn commit: r983918 - in
/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security.foafssl/ontologies/src/main/resources/org/apache/clerezza/foafssl/ontologies:
cert.n3 cert.rdf
Author: reto
Date: Tue Aug 10 10:24:01 2010
New Revision: 983918
URL: http://svn.apache.org/viewvc?rev=983918&view=rev
Log:
updated to newer version of cert ontology, using n3 as this is the maintaned version, fixed for havin terms in correct namespace
Added:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security.foafssl/ontologies/src/main/resources/org/apache/clerezza/foafssl/ontologies/cert.n3
Removed:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security.foafssl/ontologies/src/main/resources/org/apache/clerezza/foafssl/ontologies/cert.rdf
Added: incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security.foafssl/ontologies/src/main/resources/org/apache/clerezza/foafssl/ontologies/cert.n3
URL: http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security.foafssl/ontologies/src/main/resources/org/apache/clerezza/foafssl/ontologies/cert.n3?rev=983918&view=auto
==============================================================================
--- incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security.foafssl/ontologies/src/main/resources/org/apache/clerezza/foafssl/ontologies/cert.n3 (added)
+++ incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security.foafssl/ontologies/src/main/resources/org/apache/clerezza/foafssl/ontologies/cert.n3 Tue Aug 10 10:24:01 2010
@@ -0,0 +1,167 @@
+@prefix owl: <http://www.w3.org/2002/07/owl#> .
+@prefix foaf: <http://xmlns.com/foaf/0.1/> .
+@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
+@prefix wot: <http://xmlns.com/wot/0.1/> .
+@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
+@prefix vs: <http://www.w3.org/2003/06/sw-vocab-status/ns#> .
+@prefix dc: <http://purl.org/dc/terms/>.
+@prefix skos: <http://www.w3.org/2004/02/skos/core#> .
+@prefix : <http://www.w3.org/ns/auth/cert#> .
+
+
+: a owl:Ontology ;
+ dc:created "2008-11-13"^^xsd:date;
+ foaf:maker <http://bblfish.net/people/henry/card#me>;
+ vs:term_status "unstable";
+ rdfs:seeAlso <http://lists.foaf-project.org/mailman/listinfo/foaf-protocols>;
+ rdfs:seeAlso <X509Uml.svg>;
+ rdfs:seeAlso <rsa>;
+ rdfs:comment """
+ Ontology for Certificates and crypto stuff.
+ This is in development.
+ Some other ontologies to look at:
+ * http://www.w3.org/2000/10/swap/crypto
+ + has cwm builtins: http://www.w3.org/2000/10/swap/doc/Trust
+ - a bit old perhaps. It imports daml+oil
+ - would help to be more completely specified
+ - uses literals as subjects a little liberally, which makes this a
+ bit difficult to work with frameworks that don't permit this
+ * http://xmlns.com/wot/0.1/
+ - limited very much to PGP (though on can map PGP to X509)
+ - a little coarse grained, mixes up the PGP certificate with the PGP
+ public key
+ *
+ Todo:
+ - add some classes and relations for DSA
+ - should this all be in one file? Or should this be cut up a little? Say one file for the general CERT ontology, and then files for RSA, DSA, PGP, etc... Or perhaps it does not really matter?
+ - expand more on the certification side of things
+ - verify this by security experts
+ - owl2 has some constructs for combined inverse functional properties.
+ This may be useful to use in defining an RSA key which is identified
+ by two numbers.
+ - also create html version of the spec by using this as a template.
+ - should comments such as this be in html?
+ - add more todos
+ """.
+
+:Certificate a owl:Class;
+ vs:term_status "unstable";
+ rdfs:subClassOf foaf:Document;
+ rdfs:comment """A certificate is a Document that is signed.
+ As explained here http://www.pgpi.org/doc/pgpintro/#p16
+ 'A digital certificate consists of three things:
+ * A public key.
+ * Certificate information. ('Identity' information about the
+ user, such as name, user ID, and so on.)
+ * One or more digital signatures.'
+ """ .
+
+
+:X509Certificate a owl:Class;
+ vs:term_status "unstable";
+ rdfs:subClassOf :Certificate;
+ rdfs:seeAlso <http://en.wikipedia.org/wiki/X509>;
+ rdfs:comment "the class of X509 Certificates".
+
+:PGPCertificate a owl:Class;
+ vs:term_status "unstable";
+ rdfs:subClassOf :Certificate;
+ owl:equivalentClass wot:PubKey;
+ rdfs:comment "the class of PGP Certificates".
+
+:Signature a owl:Class;
+ vs:term_status "unstable";
+ rdfs:comment "the class of signtatures" .
+
+:Key a owl:Class;
+ vs:term_status "unstable";
+ rdfs:comment "the class of keys" .
+
+:PublicKey a owl:Class;
+ vs:term_status "unstable";
+ rdfs:comment "Public Key";
+ rdfs:subClassOf :Key .
+
+:PrivateKey a owl:Class;
+ rdfs:comment "Private Key" ;
+ rdfs:subClassOf :Key .
+
+:public_key a rdf:Property;
+ vs:term_status "unstable";
+ rdfs:comment """
+ relates the private key to the public key component, in a public/private
+ key pair.
+ """;
+ rdfs:domain :PrivateKey;
+ rdfs:range :PublicKey .
+
+:hex a owl:DatatypeProperty, rdfs:Datatype,
+ owl:InverseFunctionalProperty;
+ rdfs:label "hexadecimal"@en;
+ rdfs:seeAlso <http://en.wikipedia.org/wiki/Hexadecimal>;
+ owl:equivalentClass xsd:nonNegativeInteger;
+ rdfs:domain xsd:nonNegativeInteger;
+ rdfs:range xsd:string;
+ skos:editorialNote """
+ This relation should slowly be transited to just being a datatype.
+ Being a datatype and a property is legal as explained here
+ http://lists.w3.org/Archives/Public/semantic-web/2010Mar/0037.html
+ But it may be somewhat confusing, especially if it goes against a pattern - still to be set - by the xsd datatypes as the follow up email makes clear.
+ """@en;
+ rdfs:comment """
+ An encoding of a positive integer (from 0 to infinity) as a hexadecimal string that makes it easy to read and/or fun to present on the web.
+ The purpose of this way of representing hexadecimals is to enable users to copy and paste hexadecimal notations as shown by most browsers, keychains or tools such as opensso, into their rdf representation of choice. There are a wide variety of ways in which such strings can be presented. One finds the following
+
+ e1 dc d5 e1 00 8f 21 5e d5 cc 7c 7e c4 9c ad 86
+ 64 aa dc 29 f2 8d d9 56 7f 31 b6 bd 1b fd b8 ee
+ 51 0d 3c 84 59 a2 45 d2 13 59 2a 14 82 1a 0f 6e
+ d3 d1 4a 2d a9 4c 7e db 90 07 fc f1 8d a3 8e 38
+ 25 21 0a 32 c1 95 31 3c ba 56 cc 17 45 87 e1 eb
+ fd 9f 0f 82 16 67 9f 67 fa 91 e4 0d 55 4e 52 c0
+ 66 64 2f fe 98 8f ae f8 96 21 5e ea 38 9e 5c 4f
+ 27 e2 48 ca ca f2 90 23 ad 99 4b cc 38 32 6d bf
+
+ Or the same as the above, with ':' instead of spaces. We can't guarantee that these are the only ways such tools will present hexadecimals, so we are very lax.
+ The letters can be uppercase or lowercase, or mixed.
+ Some strings may start with initial 00's, and can be stripped in this notation as they often are. Doing this could, in complement of 2 notation turn a positive number into a negative one, if the first hexadecimal character happens to be one of the set {'8', '9', 'a', 'A', 'b', 'B', 'c', 'C', 'd', 'D', 'e', 'E', 'f', 'F'} . As we interpret this string as a hexadecimal number leading 00s are not important (Complement of 2 notation and hexadecimal overlap for positive numbers)
+ In order to make this fun, we allow any unicode characters in the string. A parser should
+ 1. remove all non hexadecimal characters
+ 2. treat the resulting as a hexadecimal representation of a number
+ This will allow people to make an ascii - better yet a UTF-8 - picture of their public key when publishing it on the web.
+ """@en;
+ vs:term_status "unstable" .
+
+:decimal a owl:DatatypeProperty,
+ owl:InverseFunctionalProperty;
+ vs:term_status "archaic";
+ rdfs:domain xsd:nonNegativeInteger;
+ rdfs:range xsd:string;
+ skos:editorialNote """
+ The name for this relation is not good. Even though Decimal is clearly defined as numbers in base 10 notation ( conf http://en.wikipedia.org/wiki/Decimal ), it is most often understood as refering to numbers with decimal fractions, which in cryptgraphic integer arithmetic do not turn up.
+ Instead one should use cert:int
+ """@en;
+ rdfs:comment """
+ An encoding of an integer in base 10 notation. Use cert:int instead.
+ """@en.
+
+:int a rdfs:Datatype;
+ vs:term_status "unstable";
+ owl:equivalentClass xsd:nonNegativeInteger;
+ skos:editorialNote """
+ We may decide to make it easier to write integers than what xsd:integer provides, if needed.
+ """@en;
+ rdfs:comment """
+ A positive integer in base 10 notation.
+ xsd:nonNegativeInteger could be used, but is a bit long to write, and may be too strictly defined.
+ This is here to provice a pair with cert:hex, to avoid needing to import a new namespace, and to give a bit more flexibility in the future.
+ """@en .
+
+:identity a rdf:Property;
+ vs:term_status "unstable";
+ rdfs:comment """
+ the identity of the public key. This is the entity that knows the private key and so can decrypt messages encrypted with the public key, or encrypt messages that can be decrypted with the public key. It can be an Agent, or an idirect identifier of an agent such as a foaf:OnlineAccount .
+ Should one specify the range as being the union of those two classes, or should one leave this open?
+ """;
+ rdfs:domain :PublicKey .
+