[mdx] what to trust

Josh Howlett Josh.Howlett at ja.net
Fri May 8 02:27:14 PDT 2009


> So what you say is that the only way to encode trust in 
> metadata *internal* to a metadata aggregator is signatures. 
> That might be true... I need to think about that.

I think there's another way:

http://www.oasis-open.org/committees/download.php/31109/sstc-metadata-attr-cd-01.html

You could include an assertion in the EntityDescriptor which acted as a
trust decoration.

My earliest thought was that an authentication assertion might be the
most appropriate vehicle for this, where the assertion bears a new
SubjectConfirmation method that binds the assertion cryptographically to
the EntityDescriptor envelope (i.e. using a signature calculated over
{elements of} the EntityDescriptor envelope).

An entity might have multiple instances of these assertions, injected
sequentially by different aggregators. This would allow a metadata
consumer to establish provenance.

However, metadata-attr-cd only supports attribute assertions. Of course,
you might be able to achieve a similar effect with attribute assertions,
but possibly at the risk of overloading the semantics.

josh.

JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024 
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG
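
The sequential trust-decoration idea from the message above, sketched as an added example that is not part of the original post or of any SAML specification. Assumptions: the `Decoration` element and its namespace, the aggregator names and the keys are hypothetical, HMAC-SHA256 stands in for an XML signature, and chaining each decoration to the previous one is this sketch's way of making injection order verifiable.

```python
import copy, hashlib, hmac
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DECORATION = "{urn:example:trust}Decoration"  # hypothetical element, not in any SAML spec
# Constructed sample data: aggregator names and keys are made up.
KEYS = {"agg-a.example": b"key-a", "agg-b.example": b"key-b"}
SAMPLE = f"""<EntityDescriptor xmlns="{MD}" entityID="https://idp.example.org/idp">
  <Extensions/>
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
                         Location="https://idp.example.org/sso"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""

def envelope_digest(entity):
    """Hash the canonical envelope with Extensions emptied, so decorating does not change it."""
    env = copy.deepcopy(entity)
    for ext in env.findall(f"{{{MD}}}Extensions"):
        ext.clear()
    c14n = ET.canonicalize(ET.tostring(env, encoding="unicode"), strip_text=True)
    return hashlib.sha256(c14n.encode()).digest()

def _mac(key, digest, issuer, prev):
    # Stand-in for a signature over envelope digest, issuer and previous decoration.
    msg = b"\0".join([digest, issuer.encode(), prev.encode()])
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def decorate(entity, issuer, key):
    """Aggregator side: append a decoration bound to the envelope and the previous decoration."""
    ext = entity.find(f"{{{MD}}}Extensions")
    prev = ext[-1].get("mac", "") if len(ext) else ""
    mac = _mac(key, envelope_digest(entity), issuer, prev)
    ET.SubElement(ext, DECORATION, issuer=issuer, mac=mac)

def provenance(entity, keys):
    """Consumer side: return the verified issuer chain in injection order, or raise ValueError."""
    digest, prev, chain = envelope_digest(entity), "", []
    for dec in entity.find(f"{{{MD}}}Extensions"):
        issuer, mac = dec.get("issuer", ""), dec.get("mac", "")
        if issuer not in keys:
            raise ValueError(f"decoration from untrusted issuer {issuer!r}")
        expected = _mac(keys[issuer], digest, issuer, prev)
        if not hmac.compare_digest(expected.encode(), mac.encode()):
            raise ValueError(f"decoration from {issuer!r} does not match envelope or chain")
        chain.append(issuer)
        prev = mac
    return chain
```

A consumer that edits the endpoint, drops an earlier decoration, or lacks a key for one of the issuers gets a `ValueError` instead of a partial chain.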



