- From: Peter Williams <home_pw@msn.com>
- Date: Wed, 4 Jan 2012 12:22:42 -0800
- To: <j.jakobitsch@semantic-web.at>
- CC: "public-xg-webid@w3.org" <public-xg-webid@w3.org>
- Message-ID: <SNT143-W58299B00AEB5B34E9DD00292970@phx.gbl>
Our conformance-like "test site" disagrees. It also disagrees with Henrys site (which refuses to even handle the URI, of that form). * Checking URI 1 (http://yorkporc.blogspot.com/)... - Trying to fetch and process certificate(s) from webid profile... Testing if the modulus representation matches the one in the webid (found a modulus value)... Testing modulus... PASSED WebID=b94692148969aeb.......c165dfa03526b25 Cert =b94692148969aeb.......c165dfa03526b25 Match found, ignoring futher tests! * Authentication successful! Now, (0) its not too fussy on subtelties (or not ) of URIs, hash tags (an intentional test case) (1) obviously, the test site is NOT insisting on validatable data source (can webid work with the web as is, not just specialised semantic web sites). (2) is the test site what other developers are SUPPOSED to do (be as liberal as it...); is it "sponging" and making up for formal flaws? (3) isnt the unique concept of RDFa supposed to be that its consumer-grade cut & paste (vs machine produced) into the likes of blog sites (full of non-conforming crap, typically) (4) isnt this only going to get worse, with the HTML5 doctype and use of semantic markup there? This is why I find semantic web engineering so hard. There is no standard of correctness. Just 10 things that sometimes work, and sometimes do the same thing as the 7 others. Noone is allowed to define correctness (probably becuase it leads to million message threads on core computer science). Everything has to kept vague and indefinite (to maximize crawling for Google's benefit, but make bit-perfect security IN A FOAF PROTOCOL very hard to attain). > Date: Wed, 4 Jan 2012 21:01:49 +0100 > From: j.jakobitsch@semantic-web.at > To: home_pw@msn.com > CC: public-xg-webid@w3.org > Subject: Re: WebIDRealm RDFa > > hi again, > > please also note that > > http://yorkporc.blogspot.com/ > > is not valid xhtml+rdfa. > > test it here http://validator.w3.org > > wkr http://www.turnguard.com > > > ----- Original Message ----- > From: "Peter Williams" <home_pw@msn.com> > To: "j jakobitsch" <j.jakobitsch@semantic-web.at>, public-xg-webid@w3.org > Sent: Wednesday, January 4, 2012 8:26:46 PM > Subject: RE: WebIDRealm RDFa > > > 1. worked for a cert bearing SAN URI of http://id.myopenlink.net/dataspace/person/home_pw#this > > 2. not sure whether it worked with cert bearing: > > http://yorkporc.blogspot.com/ # > http://yorkporc.blogspot.com/2011/11/2uri.html#me > http://yorkporc.blogspot.com/ > > 3. really struggled with cert bearing the following URIs: > > http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl&if=n3&of=rdfa > http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl > http://rapstr1.blob.core.windows.net/ods/user.ttl > > > Yes, these are crafted to force engineering issues, since its a security spec. They also enable me to see if the smantics web's "bigger claims" are true (or getting there, anyways). > > 4. All cases work at FCNS - assuming that its triple walking is a definitive statement of conformance. > > Checking ownership of certificate (public key matches private key)... PASSED (Reason: GENEROUS) > > * Checking if certificate contains URIs in the subjectAltName field... PASSED > > * Found 3 URIs in the certificate (a maximum of 3 will be tested). > > * Checking URI 1 (http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl&if=n3&of=rdfa)... > - Trying to fetch and process certificate(s) from webid profile... > * Checking URI 2 (http://rdf-translator.appspot.com/parse?url=http://rapstr1.blob.core.windows.net/ods/user.ttl)... > - Trying to fetch and process certificate(s) from webid profile... > * Checking URI 3 (http://rapstr1.blob.core.windows.net/ods/user.ttl)... > - Trying to fetch and process certificate(s) from webid profile... > Testing if the modulus representation matches the one in the webid (found a modulus value)... > > Testing modulus... PASSED > WebID=bd28978fc256880.......c0536bca7cd684d > Cert =bd28978fc256880.......c0536bca7cd684d > > Match found, ignoring futher tests! > > * Authentication successful! > > > > > 5. The last one doesnt work at the OpenLink openid/webid bridge, failing to deliver a required fied in the openid message. > > 6.The last one fails at http://id.myopenlink.net/ods/webid_demo.html?error=noVerified&ts=2012-01-04T14%3A25%3A22.000014-05%3A00&signature=M3yu7VgesSmkKMqqZER1qXZC2dt93NLRJ%2BmKbWTww1qxEd3atNWQo0DWBIO9PuHacAXZ2mZyT8RyhvNgEYrsz1DJrd%2FDmlkkXbFCR672QvpHxqvnNLAoHikvXaEfDIB3F55xdxeDS%2BFMvFvZe2QzwlVjUHqJ8OS2nWbUxMGU4tg%3D , too. Or, rather someone signed an error message (that is typically the gateway to crypto oracles...that subvert keys, 1940s style, 1 bit at a time) > > > > Date: Wed, 4 Jan 2012 19:45:56 +0100 > > From: j.jakobitsch@semantic-web.at > > To: public-xg-webid@w3.org > > Subject: WebIDRealm RDFa > > > > hi, > > > > WebIDRealm [1] now also supports rdfa (not vastly tested). > > maybe someone wants to give it a try. > > > > i now use a modified version of the unofficial openrdf-api-trunk's [2] RDFaParser. > > since this rdfa parser uses a stylesheet for transformation, > > i rewrote the trunk-version to respect w3 bandwidth concerns [3] using an XML CatalogResolver [4]. > > > > if your rdfa profile looks something like so [5] (check source) > > it should be parseable. > > > > wkr http://www.turnguard.com/turnguard > > > > [1] http://webid.turnguard.com/WebIDTestServer/ > > [2] http://repo.aduna-software.org/svn/org.openrdf/sesame/tags/3.0-alpha1/core/rio/rdfa/src/main/java/org/openrdf/rio/rdfa/RDFaParser.java > > [3] http://www.w3.org/blog/systeam/2008/02/08/w3c_s_excessive_dtd_traffic/ > > [4] http://nwalsh.com/docs/articles/xml2003/ > > [5] http://2sea.org/sea.jsp#j > > > > > > -- > > | Jürgen Jakobitsch, > > | Software Developer > > | Semantic Web Company GmbH > > | Mariahilfer Straße 70 / Neubaugasse 1, Top 8 > > | A - 1070 Wien, Austria > > | Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22 > > > > COMPANY INFORMATION > > | http://www.semantic-web.at/ > > > > PERSONAL INFORMATION > > | web : http://www.turnguard.com > > | foaf : http://www.turnguard.com/turnguard > > | skype : jakobitsch-punkt > > > > -- > | Jürgen Jakobitsch, > | Software Developer > | Semantic Web Company GmbH > | Mariahilfer Straße 70 / Neubaugasse 1, Top 8 > | A - 1070 Wien, Austria > | Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22 > > COMPANY INFORMATION > | http://www.semantic-web.at/ > > PERSONAL INFORMATION > | web : http://www.turnguard.com > | foaf : http://www.turnguard.com/turnguard > | skype : jakobitsch-punkt >
Received on Wednesday, 4 January 2012 20:23:16 UTC