Jan 27 2008

Dear Lazyweb: Certificates in RDF?

Dear Lazyweb,

The project I’m working on will be using cryptographic certificates in a distributed web-of-trust model a little like that of PGP. It will also use certs as more than just proofs of identity. Given that I’ll be writing a lot of code using certs, I want to avoid the nastiness of X.509 whenever possible.

After thinking about this a while, it seems to me that RDF ought to be a good way to represent certs, since it describes arbitrary types of relationships between entities (e.g. FOAF), and allows them to be composed in complex ways. And there are a lot of tools available for parsing/storing/querying RDF.

Unfortunately, I know very little about RDF so far, or about the uses to which it’s being put. I’ve been looking, but I haven’t found any existing schema yet for using RDF for cryptographic certificates. Does anyone know of such a thing, or something related?

(The closest thing I know of is SDSI, a Simple Distributed Security Architecture, which was inspirational to me in showing how one can use general-purpose data structures like S-expressions to describe certs and form a web of trust. But SDSI and its successor SPKI seem to be dead, sadly, and nothing comparable has replaced them.)

Thanks,
—Jens

Update, 30 January:

No answer being forthcoming, and given the learning curve of RDF, I’m now pursuing the approach of representing certs in YAML. I also considered JSON, but YAML is essentially a superset of JSON that has some very useful features like tagging and aliasing.

This entry was posted on Sunday, January 27th, 2008 at 11:12 AM and is filed under Computers, Ideas, Social Software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Dear Lazyweb: Certificates in RDF?”

Leave a Reply