RE: WebID test suite

one thing the spec does not state is what is correct behaviour when a consumer is prersented with a cert with multiple SAN URIs. If the test suite is run at site A (that cannot connect to a particular part of the interent, becuase of proxy rules) presumably the test suite would provide a different result to another site which can perform an act of de-referencing. This is a general issue. The degenrate case occurs for 1 SAN URI, obviously - since siteA may not be able to connect to its agent. Thus, the issue of 1 or more multiple URIs is perhaps not the essential requirement at issue. A variation of the topic occurs when a given site (B say) is using a caching proxy, that returns a cached copy of a webid document (even though that document may have been removed from the web). This is the topic of trusted caches, upon which it seems that webid depends. We would look silly if the average site grants access to a resource when the identity document has been removed from the web, yet cache continue to make consuemr believe that the identity is valid. At the same time, given the comments from the US identity conference (that pinging the internet during a de-referencing act is probably unsunstainable), caches seem to be required (so consuming sites dont generate observable network activity). This all seems to be pointing at the issue that we have a trusted cache issue at the heart of the webid proposal, and of course we all know that the general web is supposed to be a (semi-trusted at best) cache.  
 > From: henry.story@bblfish.net
> Date: Fri, 24 Jun 2011 13:37:26 +0200
> CC: foaf-protocols@lists.foaf-project.org
> To: public-xg-webid@w3.org
> Subject: WebID test suite
> 
> Hi,
> 
> In the spirit of test driven development, and in order to increate the rate at which we can evolve WebID, we need to develop test suites and reports based on those test suites.
> 
> I put up a wiki page describing where we are now, where we want to go.
> 
>   http://www.w3.org/2005/Incubator/webid/wiki/Test_Suite#
> 
> Please don't hesitate to improve it, and place your own library test end points up there - even if they 
> are only human readable.
> 
>   The next thing is to look at the EARL ontology I wrote and see if your library can also generate a test report, that folows the lead of the one I put up on bblfish.net. I expect a lot of detailed criticism, because I did just hack this together. As others implement their test reports, and as bergi builds his meta tests we will quickly notice our disagreements, and so be able to discuss them, and put the results into the spec.
> 
> 	Henry
> 
> Social Web Architect
> http://bblfish.net/
> 
> 
 		 	   		  

Received on Friday, 24 June 2011 16:46:06 UTC