Re: WebIDRealm RDFa from Jürgen Jakobitsch on 2012-01-04 (public-xg-webid@w3.org from January 2012)

From: Jürgen Jakobitsch <j.jakobitsch@semantic-web.at>
Date: Wed, 04 Jan 2012 20:49:47 +0100 (CET)
To: Peter Williams <home_pw@msn.com>
Cc: public-xg-webid@w3.org
Message-ID: <7e0b3f50-4b63-45cb-992e-2aa62f3914ff@zcs>
hi,

see inline comments and please also note again that i put the rdf parser online [1], so people
can test if there's some wrong when trying to parse the webID uri.

wkr http://www.turnguard.com/turnguard

[1] http://webid.turnguard.com/WebIDTestServer/utils/parser


1. worked for a cert bearing SAN URI of http://id.myopenlink.net/dataspace/person/home_pw#this 

is valid and the above mentioned parser parses this uri without hazzle.

2. not sure whether it worked with cert bearing: 

- http://yorkporc.blogspot.com/ # 
  - my parser says : java.net.URISyntaxException: Illegal character in path at index 29: http://yorkporc.blogspot.com/ #

- http://yorkporc.blogspot.com/2011/11/2uri.html#me 
  - my parser says : java.io.FileNotFoundException: http://yorkporc.blogspot.com/2011/11/2uri.html#me

- http://yorkporc.blogspot.com/ 
  - my parser says : javax.xml.transform.TransformerException: javax.xml.transform.TransformerException: com.sun.org.apache.xml.internal.utils.WrappedRuntimeException: The 
    entity name must immediately follow the '&' in the entity reference.

3. really struggled with cert bearing the following URIs: 

- http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl&if=n3&of=rdfa 
  - my parser says : org.openrdf.rio.RDFParseException: Expected '<', found: 
  - try 
    curl -v "http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl&if=n3&of=rdfa"
    ==> the response content type is text/plain (i have a fallback in my parser factory to rdf/xml, of course this then throws an error)

- http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl 
  - my parser says : org.openrdf.rio.RDFParseException: Expected '<', found: C [line 1]
  - this url should give you an error even at rdf-translator.appspot.com
  - try 
    curl -v "http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl"
    ==> response from appspot : Could not convert from application/turtle to  for provided resource...<br><br>Error Message:<br>No plugin registered for 
        (application/turtle, <class 'rdflib.parser.Parser'>)

- http://rapstr1.blob.core.windows.net/ods/user.ttl 
  - my parser says : org.openrdf.rio.RDFParseException: Content is not allowed in prolog. [line 1, column 1]
  - again try 
    curl -v "http://rapstr1.blob.core.windows.net/ods/user.ttl"
    ==> Content-Type: application/turtle




Yes, these are crafted to force engineering issues, since its a security spec. They also enable me to see if the smantics web's "bigger claims" are true (or getting there, anyways). 





4. All cases work at FCNS - assuming that its triple walking is a definitive statement of conformance. 

Checking ownership of certificate (public key matches private key)... PASSED (Reason: GENEROUS) 

* Checking if certificate contains URIs in the subjectAltName field... PASSED 

* Found 3 URIs in the certificate (a maximum of 3 will be tested). 

* Checking URI 1 (http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl&if=n3&of=rdfa)... 
- Trying to fetch and process certificate(s) from webid profile... 
* Checking URI 2 (http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl)... 
- Trying to fetch and process certificate(s) from webid profile... 
* Checking URI 3 (http://rapstr1.blob.core.windows.net/ods/user.ttl)... 
- Trying to fetch and process certificate(s) from webid profile... 
Testing if the modulus representation matches the one in the webid (found a modulus value)... 

Testing modulus... PASSED 
WebID=bd28978fc256880.......c0536bca7cd684d 
Cert =bd28978fc256880.......c0536bca7cd684d 

Match found, ignoring futher tests! 

* Authentication successful! 




5. The last one doesnt work at the OpenLink openid/webid bridge, failing to deliver a required fied in the openid message. 

6.The last one fails at http://id.myopenlink.net/ods/webid_demo.html?error=noVerified&ts=2012-01-04T14%3A25%3A22.000014-05%3A00&signature=M3yu7VgesSmkKMqqZER1qXZC2dt93NLRJ%2BmKbWTww1qxEd3atNWQo0DWBIO9PuHacAXZ2mZyT8RyhvNgEYrsz1DJrd%2FDmlkkXbFCR672QvpHxqvnNLAoHikvXaEfDIB3F55xdxeDS%2BFMvFvZe2QzwlVjUHqJ8OS2nWbUxMGU4tg%3D , too. Or, rather someone signed an error message (that is typically the gateway to crypto oracles...that subvert keys, 1940s style, 1 bit at a time) 


> Date: Wed, 4 Jan 2012 19:45:56 +0100 
> From: j.jakobitsch@semantic-web.at 
> To: public-xg-webid@w3.org 
> Subject: WebIDRealm RDFa 
> 
> hi, 
> 
> WebIDRealm [1] now also supports rdfa (not vastly tested). 
> maybe someone wants to give it a try. 
> 
> i now use a modified version of the unofficial openrdf-api-trunk's [2] RDFaParser. 
> since this rdfa parser uses a stylesheet for transformation, 
> i rewrote the trunk-version to respect w3 bandwidth concerns [3] using an XML CatalogResolver [4]. 
> 
> if your rdfa profile looks something like so [5] (check source) 
> it should be parseable. 
> 
> wkr http://www.turnguard.com/turnguard 
> 
> [1] http://webid.turnguard.com/WebIDTestServer/ 
> [2] http://repo.aduna-software.org/svn/org.openrdf/sesame/tags/3.0-alpha1/core/rio/rdfa/src/main/java/org/openrdf/rio/rdfa/RDFaParser.java 
> [3] http://www.w3.org/blog/systeam/2008/02/08/w3c_s_excessive_dtd_traffic/ 
> [4] http://nwalsh.com/docs/articles/xml2003/ 
> [5] http://2sea.org/sea.jsp#j 
> 
> 
> -- 
> | Jürgen Jakobitsch, 
> | Software Developer 
> | Semantic Web Company GmbH 
> | Mariahilfer Straße 70 / Neubaugasse 1, Top 8 
> | A - 1070 Wien, Austria 
> | Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22 
> 
> COMPANY INFORMATION 
> | http://www.semantic-web.at/ 
> 
> PERSONAL INFORMATION 
> | web : http://www.turnguard.com 
> | foaf : http://www.turnguard.com/turnguard 
> | skype : jakobitsch-punkt 
> 

-- 
| Jürgen Jakobitsch, 
| Software Developer
| Semantic Web Company GmbH
| Mariahilfer Straße 70 / Neubaugasse 1, Top 8
| A - 1070 Wien, Austria
| Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22

COMPANY INFORMATION
| http://www.semantic-web.at/

PERSONAL INFORMATION
| web   : http://www.turnguard.com
| foaf  : http://www.turnguard.com/turnguard
| skype : jakobitsch-punkt
Received on Wednesday, 4 January 2012 19:52:53 UTC