Cryptographic authentication of VOEvents

Norman Gray norman at astro.gla.ac.uk
Sun Sep 9 23:44:30 PDT 2012


Roy, hello.

On 2012 Sep 9, at 22:14, Roy Williams wrote:

> There are changes to the XML that do not change the meaning -- eg. the nature of the quote marks, as you point out. But there are wider changes that can be made, for example if there is a URL in the VOEvent, does it change the meaning to replace it with a different URL that has the same data at the end of it? This is what is wanted for caching of popular events.

Intuitively yes, these would have a different meaning, and (reassuringly, perhaps) they would be normalised to a different document in the scheme I described.

Whenever you define a normalisation scheme (or canonicalisation -- can anyone articulate a distinction between the terms?), you define a set of documents which are 'equivalent' in the very specific and limited sense that they produce the same normalised form.  Nothing more complicated than that.

If you define that in a sensible way, then they will all have the same 'meaning', but that's a different idea.  We could head there, but we don't have to get involved in such abstractions.  

The normalisation scheme that I described is insensitive to quotes and to quite a lot of whitespace.  It's also (as it happens) insensitive to whether you typed "a<b", "a<b" or "<!CDATA[a<b]]>".  It is, on the other hand, sensitive to the difference between "<p>a</p>" and "<p>b</p>" (it would be a bit daft if it weren't).

> More practically, some practitioners wish that VOEvent had been / will be rebuilt as a JSON file: is that now different enough to render the signature invalid? I guess it all depends if the transformation is sufficiently lossless of the meaning.

I don't think we have to talk about 'meaning' here (and please, let's not -- people tend to get very unprofitably excited when anyone starts talking about Meaning).

Parenthesis: But you raise an interesting point.  I don't _think_ this would be a good idea, but it would be _possible_ to define a transformation from JSON to the ESIS format I mentioned, which would enlarge the set of equivalent wire-documents from XML to JSON.  Would that be useful?  I'm not sure, but in any case it's possibly a distraction right now.

> Of course you are right that changing the nature of the quote marks in XML is a lossless transformation. But it is the beginning of a slippery slope, a slope that many people want to slither down, that leads to a big Pandora's Box filled with Cans of Worms. If we can replace the quote marks in the XML, let's also replace the URLs, let's also change to JSON, etc etc. 

There's no slippery slope here.  Pick a normalisation algorithm (as I've demonstrated, that's a lot easier than it may sound); define therefore a set of equivalent documents; write the algorithm down and fix it.  Job done.

Are you at AI12 this week, Roy?

See you,

Norman


-- 
Norman Gray  :  http://nxg.me.uk
SUPA School of Physics and Astronomy, University of Glasgow, UK



More information about the voevent mailing list