La inseguridad semántica: Seguridad y la Web Semántica

Today, the security of the Web is rapidly evolving, and the Semantic Web needs to put security and privacy concerns at the forefront of development. Yet current Semantic Web standards and ideas need to be updated to take into account security best practices, lest the Semantic Web encourage insecure and privacy-invasive programs. There's been lots of new developments over the last year: On the network level, flaws discovered using formal verification in TLS 1.2 led to a new version of TLS 1.3 at the IETF while on the Web level, and new APIs such as the Web Cryptography API and Web Authentication API at W3C will soon eliminate passwords. There are security issues inherent in the Semantic Web regarding the use of TLS, including flaws in approaches such as WebID+TLS and Linked Data Signatures. We'll suggest alternative approaches and fixes to the current W3C Semantic Web standard stack.