Web Of Trust RDF Ontology

RDF documents can make any number of statements. Without some kind of signature or other similar verification mechanism, there is no way to understand who made these statements. One way to document who made a set of statements is via the use of Digital Signatures: signing a document using Public Key Cryptography. The WOT, or Web Of Trust, schema is designed to facilitate the use of Public Key Cryptography tools such as PGP or GPG to sign RDF documents and document these signatures.

An example document utilizing all the classes and properties of the revised wot vocabulary.

<rdf:RDF xmlns="http://xmlns.com/wot/0.1/" 
  xmlns:foaf="http://xmlns.com/foaf/0.1/" 
  xmlns:dc="http://purl.org/dc/elements/1.1/" 
  xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> 
<foaf:Person>
  <foaf:name>Web Service (foaf.dk)</foaf:name> 
  <foaf:mbox_sha1sum>a714a83db77c6ce85211beb56599adf2c4eaa62f</foaf:mbox_sha1sum> 
  <hasKey rdf:nodeID="KeyA" />
</foaf:Person>

<foaf:Document rdf:about="http://example.com/doc.html"> 
  <dc:title>Example Document</dc:title> 
  <assurance> 
    <Endorsement rdf:about="http://example.com/doc.html.asc"> 
      <dc:title>Detached signature for "Example Document"</dc:title> 
      <endorser rdf:nodeID="KeyA"/> 
    </Endorsement> 
  </assurance> 
</foaf:Document> 

<PubKey rdf:nodeID="KeyA"> 
  <hex_id>3756EA0B</hex_id> 
  <length>1024</length> 
  <fingerprint>04FFF3AC57DF217C6D383DBC0110FB923756EA0B</fingerprint> 
  <pubkeyAddress rdf:resource="http://foaf.dk/key.asc"/> 
  <identity> 
    <User> 
      <foaf:name>Web Service (foaf.dk)</foaf:name> 
      <foaf:mbox_sha1sum>a714a83db77c6ce85211beb56599adf2c4eaa62f</foaf:mbox_sha1sum> 
    </User> 
  </identity> 
  <signed> 
    <SigEvent> 
      <signer rdf:nodeID="KeyB"/> 
      <sigdate>2004-02-18</sigdate> 
    </SigEvent> 
  </signed> 
</PubKey> 

<PubKey rdf:nodeID="KeyB"> 
  <hex_id>E3C9EC9D</hex_id> 
  <length>1024</length> 
  <fingerprint>2A99C49F3482AECF1109FA52A6FF2FC2</fingerprint> 
  <identity> 
    <User> 
      <foaf:name>Morten Frederiksen</foaf:name> 
      <foaf:mbox_sha1sum>65b983bb397fb71849da910996741752ace8369b</foaf:mbox_sha1sum> 
    </User> 
  </identity> 
</PubKey> 

<EncryptedDocument rdf:about="http://example.com/doc.asc"> 
  <dc:title>Example Encrypted Document</dc:title> 
  <encryptedTo rdf:nodeID="KeyB"/> 
  <encrypter rdf:nodeID="KeyA"/> 
</EncryptedDocument> 
</rdf:RDF> 

Classes: | EncryptedDocument | Endorsement | PubKey | SigEvent | User |

Properties: | assurance | encryptedTo | encrypter | fingerprint | hasKey | hex_id | identity | length | pubkeyAddress | sigdate | signed | signer | sigtime |

Classes and Properties (full detail)

Class: wot:EncryptedDocument

Encrypted Document - An encrypted document intended for a set of recipients.
Status: unstable
in-domain-of: wot:encryptedTo wot:encrypter
A subclass of foaf:Document, this is the type for a document which is encrypted to a specific key or set of keys.


Class: wot:Endorsement

Endorsement - An endorsement resource containing a detached ascii signature.
Status: unstable
in-range-of: wot:assurance
The class for URIs which are detached signatures for a document.


Class: wot:PubKey

Public Key - A class used to represent a PGP/GPG public key for a user (an agent, person, group or organization).
Status: stable
in-range-of: wot:encryptedTo wot:encrypter wot:hasKey wot:signer
in-domain-of: wot:fingerprint wot:hex_id wot:identity wot:length wot:pubkeyAddress wot:signed
A class describing a PGP/GPG key. To describe the key, note that you should use dc:title, rather than linking to a wot:User. This keeps the information for these keys separate, since wot:Users can be merged based on InverseFunctionalProperties like foaf:mbox.


Class: wot:SigEvent

Key Signing Event - An event describing the action of a public key being signed by some other public key.
Status: testing
in-range-of: wot:signed
in-domain-of: wot:sigdate wot:signer wot:sigtime
An event describing the signing of one key by another.


Class: wot:User

Key User - A user (agent, person, group or organization) of a PGP/GPG public key.
Status: stable
in-range-of: wot:identity
in-domain-of: wot:hasKey

No detailed documentation for this term.


Property: wot:assurance

Assurance - A property linking a document to an endorsement resource containing a detached ascii signature.
Status: stable
Domain: http://xmlns.com/foaf/0.1/Document
Range: wot:Endorsement

A link from a Document to a detached signature file for the file.

<rdf:Description rdf:about="">
  <wot:assurance rdf:resource="foaf.rdf.asc" />
</rdf:Description>


Property: wot:encryptedTo

Encrypted to - A property linking an encrypted document to a recipient.
Status: unstable
Domain: wot:EncryptedDocument
Range: wot:PubKey

A link from a Document to the Key it is encrypted to. This allows tools which can import encrypted information to know when a document is encrypted to that tool.

Example usage:

<rdfs:seeAlso>
  <wot:EncryptedDocument rdf:about="encrypted.rdf.asc">
    <wot:encryptedTo wot:hex_id="A401983F" />
  </wot:EncryptedDocument>
</rdfs:seeAlso>


Property: wot:encrypter

Encrypted by - A property linking an encrypted document to the public key that was used to encrypt it.
Status: unstable
Domain: wot:EncryptedDocument
Range: wot:PubKey

No detailed documentation for this term.


Property: wot:fingerprint

Fingerprint - A public key hex fingerprint string (40 digits, white space insignificant).
Status: testing
OWL Type: An InverseFunctionalProperty (uniquely identifying property)
Domain: wot:PubKey
Range: http://www.w3.org/2001/XMLSchema#string
The output of gpg --fingerprint HexKeyID, or the equivalent for other software packages, with all whitespace removed. All alpha characters should be capitalized. An example is:
C0036D11C5386757A45242B471AB077CA401983F


Property: wot:hasKey

has Key - A property to link a PubKey from a User
Status: testing
Domain: wot:User
Range: wot:PubKey

This property is designed to link from a wot:User to their wot:PubKey. This is especially useful as a property in conjunction with other schemas like FOAF, aimed at describing the aspects a user might store on their homepage.

Note that this property is not designed to point to the actual address of a Public Key, but rather to the URI identifying the PubKey class. Although these may be the same, it is still advisable to assert a wot:pubkeyAddress property attached to the PubKey, for tools which expect this.


Property: wot:hex_id

Hex identifier - A public key hex identifier string (8 digits).
Status: stable
Domain: wot:PubKey
Range: http://www.w3.org/2001/XMLSchema#string
An identifier string for a public key. This identifier is often used to identify the key, as it has ~4 billion possible values. Note that this is not an owl:InverseFunctionalProperty: there are multiple keys which have the same Key ID, even though there are significantly fewer than 4 billion keys in the public keyservers. This field should contain no whitespace, and should be listed in all capitals. An example is:
A401983F
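
An added example (not part of the WOT specification) that applies the wot:fingerprint and wot:hex_id rules above to a document: it normalizes fingerprints, indexes keys by fingerprint, and reports any hex_id shared by several keys. The sample document, the node names K1 to K3, and the OpenPGP v4 assumption that a hex_id equals the last 8 fingerprint digits are not from the page.

```python
import re
import xml.etree.ElementTree as ET

WOT = "http://xmlns.com/wot/0.1/"
RDF = "http://www.w3.org/1999/02/22-rdf-syntax-ns#"

# Constructed sample: K1 and K2 share a hex_id; K1's fingerprint is not normalized;
# K3's hex_id does not match its fingerprint. K2 and K3 values are made up.
SAMPLE = """<rdf:RDF xmlns="http://xmlns.com/wot/0.1/"
  xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<PubKey rdf:nodeID="K1"><hex_id>A401983F</hex_id>
  <fingerprint>c003 6d11 c538 6757 a452  42b4 71ab 077c a401 983f</fingerprint></PubKey>
<PubKey rdf:nodeID="K2"><hex_id>A401983F</hex_id>
  <fingerprint>0123456789ABCDEF0123456789ABCDEFA401983F</fingerprint></PubKey>
<PubKey rdf:nodeID="K3"><hex_id>0BADF00D</hex_id>
  <fingerprint>FEDCBA9876543210FEDCBA9876543210DEADBEEF</fingerprint></PubKey>
</rdf:RDF>"""

def normalize_fingerprint(text):
    """wot:fingerprint rule: remove all whitespace, capitalize alpha characters."""
    return re.sub(r"\s+", "", text).upper()

def audit_keys(rdf_xml):
    """Return (by_fingerprint, findings) for every wot:PubKey in the document."""
    by_fp, by_hex, findings = {}, {}, []
    for key in ET.fromstring(rdf_xml).iter(f"{{{WOT}}}PubKey"):
        node = key.get(f"{{{RDF}}}nodeID", "?")
        raw = key.findtext(f"{{{WOT}}}fingerprint", default="")
        hex_id = key.findtext(f"{{{WOT}}}hex_id", default="").strip()
        fp = normalize_fingerprint(raw)
        if raw != fp:
            findings.append((node, "fingerprint-not-normalized"))
        if not re.fullmatch(r"[0-9A-F]{40}", fp):
            findings.append((node, "fingerprint-not-40-hex"))
            continue  # nothing trustworthy to index this key under
        if not re.fullmatch(r"[0-9A-F]{8}", hex_id):
            findings.append((node, "hex_id-malformed"))
        elif fp[-8:] != hex_id:
            # Assumption (OpenPGP v4 keys, not stated on the page):
            # the short key ID is the last 8 hex digits of the fingerprint.
            findings.append((node, "hex_id-fingerprint-mismatch"))
        by_fp[fp] = node                      # index on the unique property
        by_hex.setdefault(hex_id, set()).add(fp)
    for hex_id, fps in sorted(by_hex.items()):
        if len(fps) > 1:                      # hex_id is not inverse-functional
            findings.append((hex_id, f"hex_id-shared-by-{len(fps)}-keys"))
    return by_fp, findings

if __name__ == "__main__":
    for subject, issue in audit_keys(SAMPLE)[1]:
        print(subject, issue)
```

Tools that merge descriptions of keys should join on the normalized fingerprint; the shared hex_id finding shows two distinct keys that a hex_id join would wrongly treat as one.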


Property: wot:identity

Identity - A property linking a public key to the user of the key.
Status: testing
Domain: wot:PubKey
Range: wot:User

A term identifying the wot:User of a wot:PubKey - the inverse of wot:hasKey. Useful for providing identifying information about the owner of a Key.


Property: wot:length

Length - A numeric string representing the length, in bytes, of a public key.
Status: stable
Domain: wot:PubKey
Range: http://www.w3.org/2001/XMLSchema#integer
Keys can have a length attached to them. Typical sizes range from 1024-4096 bytes. Longer keys are typically considered more difficult to break.


Property: wot:pubkeyAddress

Address - The location of an ascii version of a public key.
Status: testing
Domain: wot:PubKey
Range: http://xmlns.com/foaf/0.1/Document
A link from a Public Key to an ascii version of said key. It is usually acceptable to include other content in this file as well: so long as the ascii signature has a newline before and after it, tools should be able to import the key regardless of whether it is included in other content.


Property: wot:sigdate

Signature date - The date of a public key signature event.
Status: testing
Domain: wot:SigEvent
Range: http://www.w3.org/2001/XMLSchema#date

Date of a signature event. Example format: 2005-05-12.


Property: wot:signed

Signed - A property linking a public key to a public key signature event.
Status: testing
Domain: wot:PubKey
Range: wot:SigEvent

Corresponding to the wot:signer property, this is designed to link from a signature event to the key which was signed, or the signee in the transaction.


Property: wot:signer

Signer - A property linking a public key signature event to the public key that was used to sign.
Status: unstable
Domain: wot:SigEvent
Range: wot:PubKey

When a signature event occurs, a specific key is the signing key. This property links from the event to that key.


Property: wot:sigtime

Signature time - The time (of day) of a public key signature event.
Status: unstable
Domain: wot:SigEvent
Range: http://www.w3.org/2001/XMLSchema#time

The time of a Signature event.
