mention graph isomorphism in security considerations #259
Thank you @pchampin, this indicates potential Denial of Service issues (resource consumption). Might it also be worthwhile to specify the issue of Canonicalization on the Integrity side (e.g., in the case of the Verifiable Credentials)?
This spec does not explicitly talk about canonicalization, which is the scope of RDF-CANON. But note that the new paragraph references the security considerations of RDF-CANON, where the mitigations are more developed (which is possible because RDF-CANON is about a specific algorithm, while the section in this PR has to remain very general, because that's the scope of RDF-CONCEPTS).
| <p> | ||
| <a href="#graph-isomorphism">Comparing</a> graphs, | ||
| <a href="https://www.w3.org/TR/sparql12-query/">querying</a> them, |
Good to mention that queries can be expensive but there are lots of ways to have expensive queries; better to say they can be expensive and not to focus on a specific situation.
This paragraph is not about querying in general, it is about graph isomorphism.
Of course, other factors can make querying complex (or reasoning, for that matter), but then those would be in scope for the corresponding spec (SPARQL-QUERY or RDF-SEMANTICS).
I don't think that the current wording implies that graph isomorphism is the only source of complexity for these tasks.
(graphs...) querying them, ... often relies on computing (sub)graph isomorphism
That text groups query with sub-graph isomorphism.
Isomorphism isn't even mentioned in SPARQL query.
| <a href="https://www.w3.org/TR/sparql12-query/">querying</a> them, |
| <p> | ||
| <a href="#graph-isomorphism">Comparing</a> graphs, | ||
| <a href="https://www.w3.org/TR/sparql12-query/">querying</a> them, |
| <a href="https://www.w3.org/TR/sparql12-query/">querying</a> them, |
| <a href="https://www.w3.org/TR/sparql12-query/">querying</a> them, | ||
| or <a href="https://www.w3.org/TR/rdf12-semantics/#simple_entailment_properties">reasoning</a> with them, | ||
| often relies on computing <em>(sub)graph isomorphism</em>, | ||
| which is known to be computationally complex in the worst case. |
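Review bot: The closing line "which is known to be computationally complex in the worst case" names the cost but gives an implementer nothing to act on. For a security considerations paragraph, state the consequence when the graphs come from an untrusted source (excessive CPU time spent on a single comparison, query or entailment check) and either recommend bounding that work or point to the section that does. The phrase "(sub)graph isomorphism" also covers two problems of different status: subgraph isomorphism is NP-complete, while graph isomorphism is not known to be, so the sentence would be more accurate if each were named separately. Finally, the "querying" link targets the whole SPARQL 1.2 Query document whereas the "reasoning" link targets a specific anchor; either link a section that supports the claim or move the query clause out of this sentence.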
| which is known to be computationally complex in the worst case. | |
| which is known to be computationally complex in the worst case. | |
| <a href="https://www.w3.org/TR/sparql12-query/">Querying</a> graphs can also involve computationally complex operations. |
@simoneonofri this is a followup on our conversation