Re: [xdi] final (i hope) signature proposal

Dan, you showed something like this from a whiteboard in yesterday’s meeting - I can’t interpret what it is though.

{“=aa/=ra”:[{“$do/$get”:[“=aa<#email>”]}]}

So, the second example in Peter’s mail below successfully converts to XDI FLAT JSON (after repairing some invisible character problem in the last line)

(Peter credited the is# to something from Andy - Markus, should this be $is() or $is or is it correct? While I don’t think parens make sense in the name, that’s what we have in the ABNF currently)

+employer[<$key>]<@9><$notafter><$t>&/&/"2014-12-31T23:59:59”

{
  "+employer[<$key>]<@9><$private>/$is#": [
    "$pem"
  ],
  "+employer[<$key>]<@9><$public>/$is#": [
    "$pem"
  ],
  "+employer[<$sig>]<@22>/$is#": [
    "$sha$256$rsa"
  ],
  "+employer[<$sig>]<@22>/$key": [
    "+employer[<$key>]<@9><$public>"
  ],
  "=example/$sig(=example<$email><$work>&/&/\"example@employer.org\")": [
    "+employer[<$sig>]<@22>"
  ],
  "+employer[<$key>]<@9><$notafter><$t>&/&": "2014-12-01T23:59:59",
  "+employer[<$key>]<@9><$notbefore><$t>&/&": "2014-01-01T00:00:00",
  "+employer[<$key>]<@9><$private>&/&": "HWYS8fdj9ksK...",
  "+employer[<$key>]<@9><$public>&/&": "IDjsia9jdSJD...",
  "+employer[<$sig>]<@22>&/&": "PXBldGV...",
  "+employer[<$sig>]<@22><$sigdate><$t>&/&": "2014-05-30T09:02:32Z",
  "=example<$email><$work>&/&": "example@employer.org"
}

Note the reified triple (boldfaced) is represented as a whole string, i.e. the serialization does not recursively decompose embedded parenthesized expressions, and the quotes in its literal need to be escaped.

In fact the triple is a string which is identical between Display and FLAT except for escaping the quotes. So making the “notation shift” in Display Format itself but not in FLAT JSON seems incongruous. Drummond, is this what you were proposing?

In the meeting we discussed re-expressing as a statement with inner roots (parenthesized pairs) rather than parenthesized triples.

However, we’ve never done this with the parenthesized triple in the predicate position instead of object, so I’m not sure what the syntax would be, and I didn’t catch the example given in the meeting, if any.

I proposed allowing serializing a literal as a single address including the literal value itself. This is forbidden by current syntax but seems like it would be a consistent addition.

=example/$sig(=example<$email><$work>&"example@employer.org")/+employer[<$sig>]<@22>

Unknown serialization format.

=example/$sig(=example<$email><$work>"example@employer.org")/+employer[<$sig>]<@22>

Unknown serialization format.

=example/$sig=example<$email><$work>"example@employer.org"/+employer[<$sig>]<@22>

Unknown serialization format.

Suppose we allow this in the FLAT serialization by straightforwardly deleting /&/ :

{
  "=example/$sig(=example<$email><$work>&\"example@employer.org\")": [
    "+employer[<$sig>]<@22>"
  ]
}

This has little effect on the FLAT serialization’s JSON structure because the embedded parenthesized _expression_ is not at all decomposed by the serialization, but embedded within one string.

The problem would be passed through the JSON parsing, and on to interpretation of strings in display format.

On May 22, 2014, at 11:59 AM, Davis, Peter <Peter.Davis@neustar.biz> wrote:

first, thanks to all who contributed comments and feedback for this. I think we are now very close to a final workable proposal. below are two examples. the first is the subject signing the inner graph (=example/#friend). The second is an employer signing the work email address of =example. These examples also include the key material information found in the graph. not that the actual signature (assertion) in the work email example is stored in the employers graph (not the subject), though it could have just as easily been stored in the =example graph.

1 ——————

=example/$sig(=example/#friend)/=example[<$sig>]<@0>

=example[<$sig>]<@0>/$is#/$sha$256$rsa

=example[<$sig>]<@0>&/&/"PXBldGV..."

=example[<$sig>]<@0>/$key/=example[<$key>]<@4><$public>

=example[<$sig>]<@0><$sigdate><$t>&/&/"2014-05-30T09:02:32Z"

=example[<$key>]<@4><$public>&/&/"IDjsia9jdSJD..."

=example[<$key>]<@4><$public>/$is#/$pem

=example[<$key>]<@4><$private>&/&/"HWYS8fdj9ksK..."

=example[<$key>]<@4><$private>/$is#/$pem

=example[<$key>]<@4><$notbefore><$t>&/&/"2014-01-01T00:00:00"

=example[<$key>]<@4><$notafter><$t>&/&/"2014-12-31T23:59:59"

2 ——————

=example<$email><$work>&/&/"example@employer.org"

=example/$sig(=example<$email><$work>&/&/"example@employer.org")/+employer[<$sig>]<@22>

+employer[<$sig>]<@22>/$is#/$sha$256$rsa

+employer[<$sig>]<@22>&/&/"PXBldGV..."

+employer[<$sig>]<@22>/$key/+employer[<$key>]<@9><$public>

+employer[<$sig>]<@22><$sigdate><$t>&/&/"2014-05-30T09:02:32Z"

+employer[<$key>]<@9><$public>&/&/"IDjsia9jdSJD..."

+employer[<$key>]<@9><$public>/$is#/$pem

+employer[<$key>]<@9><$private>&/&/"HWYS8fdj9ksK..."

+employer[<$key>]<@9><$private>/$is#/$pem

+employer[<$key>]<@9><$notbefore><$t>&/&/"2014-01-01T00:00:00"

+employer[<$key>]<@9><$notafter><$t>&/&/"2014-12-31T23:59:59”

Peter Davis: Neustar, Inc.

Distinguished Engineer, Director, Neustar Foundry

45980 Center Oak Plaza Sterling, VA 20166

[T] +1 571 434 5516 [E] peter.davis@neustar.biz [W] http://www.neustar.biz/ [X] xri://@neustar*pdavis [X] xri://=peterd

The information contained in this e-mail message is intended only for the use of the recipient(s) named above and may contain confidential and/or privileged information. If you are not the intended recipient you have received this e-mail message in error and any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately and delete the original message.

xdi message