W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2012

Re: WebIDRealm RDFa

From: Jürgen Jakobitsch <j.jakobitsch@semantic-web.at>
Date: Wed, 04 Jan 2012 21:01:49 +0100 (CET)
To: Peter Williams <home_pw@msn.com>
Cc: public-xg-webid@w3.org
Message-ID: <2b2f706a-307d-4d0e-8ce9-282579600ca5@zcs>
hi again, 

please also note that 

http://yorkporc.blogspot.com/ 

is not valid xhtml+rdfa.

test it here http://validator.w3.org 

wkr http://www.turnguard.com


----- Original Message -----
From: "Peter Williams" <home_pw@msn.com>
To: "j jakobitsch" <j.jakobitsch@semantic-web.at>, public-xg-webid@w3.org
Sent: Wednesday, January 4, 2012 8:26:46 PM
Subject: RE: WebIDRealm RDFa


1. worked for a cert bearing SAN URI of http://id.myopenlink.net/dataspace/person/home_pw#this 

2. not sure whether it worked with cert bearing: 

http://yorkporc.blogspot.com/ # 
http://yorkporc.blogspot.com/2011/11/2uri.html#me 
http://yorkporc.blogspot.com/ 

3. really struggled with cert bearing the following URIs: 

http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl&if=n3&of=rdfa 
http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl 
http://rapstr1.blob.core.windows.net/ods/user.ttl 


Yes, these are crafted to force engineering issues, since its a security spec. They also enable me to see if the smantics web's "bigger claims" are true (or getting there, anyways). 

4. All cases work at FCNS - assuming that its triple walking is a definitive statement of conformance. 

Checking ownership of certificate (public key matches private key)... PASSED (Reason: GENEROUS) 

* Checking if certificate contains URIs in the subjectAltName field... PASSED 

* Found 3 URIs in the certificate (a maximum of 3 will be tested). 

* Checking URI 1 (http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl&if=n3&of=rdfa)... 
- Trying to fetch and process certificate(s) from webid profile... 
* Checking URI 2 (http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl)... 
- Trying to fetch and process certificate(s) from webid profile... 
* Checking URI 3 (http://rapstr1.blob.core.windows.net/ods/user.ttl)... 
- Trying to fetch and process certificate(s) from webid profile... 
Testing if the modulus representation matches the one in the webid (found a modulus value)... 

Testing modulus... PASSED 
WebID=bd28978fc256880.......c0536bca7cd684d 
Cert =bd28978fc256880.......c0536bca7cd684d 

Match found, ignoring futher tests! 

* Authentication successful! 




5. The last one doesnt work at the OpenLink openid/webid bridge, failing to deliver a required fied in the openid message. 

6.The last one fails at http://id.myopenlink.net/ods/webid_demo.html?error=noVerified&ts=2012-01-04T14%3A25%3A22.000014-05%3A00&signature=M3yu7VgesSmkKMqqZER1qXZC2dt93NLRJ%2BmKbWTww1qxEd3atNWQo0DWBIO9PuHacAXZ2mZyT8RyhvNgEYrsz1DJrd%2FDmlkkXbFCR672QvpHxqvnNLAoHikvXaEfDIB3F55xdxeDS%2BFMvFvZe2QzwlVjUHqJ8OS2nWbUxMGU4tg%3D , too. Or, rather someone signed an error message (that is typically the gateway to crypto oracles...that subvert keys, 1940s style, 1 bit at a time) 


> Date: Wed, 4 Jan 2012 19:45:56 +0100 
> From: j.jakobitsch@semantic-web.at 
> To: public-xg-webid@w3.org 
> Subject: WebIDRealm RDFa 
> 
> hi, 
> 
> WebIDRealm [1] now also supports rdfa (not vastly tested). 
> maybe someone wants to give it a try. 
> 
> i now use a modified version of the unofficial openrdf-api-trunk's [2] RDFaParser. 
> since this rdfa parser uses a stylesheet for transformation, 
> i rewrote the trunk-version to respect w3 bandwidth concerns [3] using an XML CatalogResolver [4]. 
> 
> if your rdfa profile looks something like so [5] (check source) 
> it should be parseable. 
> 
> wkr http://www.turnguard.com/turnguard 
> 
> [1] http://webid.turnguard.com/WebIDTestServer/ 
> [2] http://repo.aduna-software.org/svn/org.openrdf/sesame/tags/3.0-alpha1/core/rio/rdfa/src/main/java/org/openrdf/rio/rdfa/RDFaParser.java 
> [3] http://www.w3.org/blog/systeam/2008/02/08/w3c_s_excessive_dtd_traffic/ 
> [4] http://nwalsh.com/docs/articles/xml2003/ 
> [5] http://2sea.org/sea.jsp#j 
> 
> 
> -- 
> | Jürgen Jakobitsch, 
> | Software Developer 
> | Semantic Web Company GmbH 
> | Mariahilfer Straße 70 / Neubaugasse 1, Top 8 
> | A - 1070 Wien, Austria 
> | Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22 
> 
> COMPANY INFORMATION 
> | http://www.semantic-web.at/ 
> 
> PERSONAL INFORMATION 
> | web : http://www.turnguard.com 
> | foaf : http://www.turnguard.com/turnguard 
> | skype : jakobitsch-punkt 
> 

-- 
| Jürgen Jakobitsch, 
| Software Developer
| Semantic Web Company GmbH
| Mariahilfer Straße 70 / Neubaugasse 1, Top 8
| A - 1070 Wien, Austria
| Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22

COMPANY INFORMATION
| http://www.semantic-web.at/

PERSONAL INFORMATION
| web   : http://www.turnguard.com
| foaf  : http://www.turnguard.com/turnguard
| skype : jakobitsch-punkt
Received on Wednesday, 4 January 2012 20:04:52 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 4 January 2012 20:04:52 GMT