Re: PURL WebIDs from Kingsley Idehen on 2013-08-07 (public-lod@w3.org from August 2013)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Wed, 07 Aug 2013 14:38:25 -0400
To: public-lod@w3.org
Message-ID: <52029421.3060500@openlinksw.com>
On 8/7/13 2:14 PM, Norman Gray wrote:
> Greetings.
>
> Replying to myself, here...
>
> On 2013 Aug 7, at 13:47, Norman Gray wrote:
>
>> (I don't think this would _quite_ work with purl.org right now, because of conneg intricacies, but it's near-as-dammit, and one can imagine a very similar service which did).
> This doesn't _quite_ work (I thought I might as well try, rather than merely speculate), but I suspect it's not far off.
>
> 1. I chose an alternative WebID <http://purl.org/nxg/webid>.
>
> 2. I created a new certificate using Nicholas Humfrey's script at <https://gist.github.com/njh/2432427>, entering the above PURL, and a suitably distinct name "Norman Gray (purl webid)", I think.  I let it import the new certificate into my (OS X) keychain.
>
> 3. I copied the script's generated RDF/XML to a Dropbox file,...
>
> 4. ...and created a link to it
>
> 5. I went to purl.org and created the above WebID as a 'See other URL (303)', giving the Dropbox link as the SeeAlso url.
>
> So: at this point, I have a WebID URL at purl.org which 303-redirects to a Dropbox URL which 302-redirects to another URL which returns RDF/XML which appears to me to conform to the WebID spec (I'm quietly impressed that this comes back down the wire with the correct application/rdf+xml content-type -- well done, Dropbox).
>
> If, however, I now go to <https://webid.turnguard.com/WebIDTestServer/debug> and choose this associated certificate, I get a blank page.  I suppose it's possible that webid.turnguard.com is presuming Turtle or RDFa, but ...ooh, Jürgen Jakobitsch is in this thread -- any ideas, Jürgen?
>
> ----
>
> Interestingly, none of steps 1, 2 and 3 involved the web (once I'd downloaded the script, that is), and specifically they did not involve a certificate-generating service); step 4 involved a service (Dropbox) I'm already familiar with; as did step 5, though admittedly that's a more exotic interest than Dropbox.
>
> Steps 1, 2 and 3 did involve a gist, running a shell-script, and cut-and-pasting a block of text into a file, but making that nicer is just a matter of UI design and the right scripting language.
>
> Hey -- this stuff is easy! (and nearly works)
>
> All the best,
>
> Norman
>
>
cURL dump:

Phase 1
======

curl --cert kidehen-webid-identity.pem --key kidehen-webid-identity.pem 
-k -i -L -H "Accept: text/turtle" http://purl.org/nxg/webid
HTTP/1.1 303 See Other
Date: Wed, 07 Aug 2013 18:36:54 GMT
Server: 1060 NetKernel v3.3 - Powered by Jetty
Location: https://www.dropbox.com/s/em39f989dbzo7w3/norman-purl-webid.rdf
Content-Type: text/html; charset=iso-8859-1
X-Purl: 2.0; http://localhost:8080
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 296


Phase 2
======

Enter PEM pass phrase:
HTTP/1.1 302 FOUND
Server: nginx
Date: Wed, 07 Aug 2013 18:36:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: locale=en; expires=Mon, 06 Aug 2018 18:36:58 GMT; Path=/
set-cookie: gvc=MjY0NDY1MDczOTA1NzQ1NzIzNzUwMTk4MDEzOTA3MDQyNDAxMjgy; 
expires=Mon, 06 Aug 2018 18:36:58 GMT; Path=/; httponly
set-cookie: t=HFaT9mwMamvK37_bpADvRYWy; Domain=dropbox.com; expires=Fri, 
06 Sep 2013 18:36:58 GMT; Path=/; secure; httponly
strict-transport-security: max-age=2592000; includeSubDomains
location: 
https://dl.dropboxusercontent.com/s/em39f989dbzo7w3/norman-purl-webid.rdf?token_hash=AAFbkHOpNAKxLmUXnTQb6WhyuRSgHAjduzlrYVE7idnS5A
pragma: no-cache
cache-control: no-cache
x-dropbox-http-protocol: None
x-frame-options: SAMEORIGIN
x-dropbox-request-id: 6c92c6f943374b7e2aedb3f18ff6efe6
X-RequestId: d888cbddb53e2b0feb0aa8626caa8330

Phase 3
======

Enter PEM pass phrase:
HTTP/1.1 200 OK
accept-ranges: bytes
cache-control: max-age=0
Content-Type: application/rdf+xml
Date: Wed, 07 Aug 2013 18:37:14 GMT
etag: 1417238725n
pragma: public
Server: nginx
x-dropbox-request-id: 418b5c24a5b7ac28201a05697f122a5f
X-RequestId: 17bb8ef12530a4bad9415fd2d8d5a42f
x-server-response-time: 190
Content-Length: 1103
Connection: keep-alive

<?xml version="1.0"?>
<rdf:RDF
  xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
  xmlns:cert="http://www.w3.org/ns/auth/cert#"
  xmlns:foaf="http://xmlns.com/foaf/0.1/">
   <foaf:Person rdf:about="http://purl.org/nxg/webid">
     <foaf:name>Norman Gray (purl WebID)</foaf:name>
     <cert:key>
       <cert:RSAPublicKey>
         <cert:modulus 
rdf:datatype="http://www.w3.org/2001/XMLSchema#hexBinary">C82301367C530F40C69BBAF6AB029569EACB67D9B468584AAEA5DBFBA0EAB00A19CD440421A0CFBF9C8B281EFEC6C0FD46AC9DED8B01BCBCDCCC746F697C34A2B2266701CA1D6614661BDDC9647BC1AF571DB0320546F9FFB243BDE57C6C8B645EC99190432167BA4432923E915D52265E2F2D6A7763CBD0A61B73837A3F6B6A1B76D94F2D9B10E70BB62DE30C308695AB74EE47BA31BE321B1AA050929720DF1FE3E5E541F087C1A18BDADE1114EADC898CB1B82CDA13A5FC82FF69322976BC89341538E7DE27329B7FEB2C8F7BF876515D71A970C45DC41B340A58E16B552F8C1585EFF79DB027455BCC7F6BA14DFB44444CE709A4CE52B0A8FAF146E5F50F</cert:modulus>
         <cert:exponent 
rdf:datatype="http://www.w3.org/2001/XMLSchema#integer">65537</cert:exponent>
       </cert:RSAPublicKey>
     </cert:key>
   </foaf:Person>
</rdf:RDF>


-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Wednesday, 7 August 2013 18:38:48 UTC