- From: Yunhao Zhang <yzhang@sqldata.com>
- Date: Tue, 19 Oct 2004 13:24:59 -0400
- To: <jose.kahan@w3.org>, <www-xkms@w3.org>
Joe, Yes. I agree with you. We should test error scenarios, especially in XKRSS. Cases may be considered include, 1. Requesting with bad secret. 2. Recovering a client generated key. 3. Revoking an invalid, or nonexistent, key. 4. Registering a key with unknown identity. 5. Invalid signature or signed by an untrusted certificate. Our client can be twisted to support the cases easily. Regards, Yunhao ----- Original Message ----- From: "Jose Kahan" <jose.kahan@w3.org> To: <www-xkms@w3.org> Sent: Tuesday, October 19, 2004 12:07 PM Subject: testing error cases > > Hi! > > As part of the test suite, we should try to test not only the succesful > behaviour, but the errors too. > > For example, what happens when you revoke a certificate that doesn't > exist, what happens when you use the wrong shared secret, what happens > when you use the status request and you don't get a sucess reply... > > Guillermo pointed out to me today that it may be difficult to do those > tests, as in some cases the clients or the servers need to be able to send > wrong messages. What we want to test in these cases is what happens > when either the client or server receive an invalid message. > > It seems that the SOAP people used fake clients or servers to test > the error cases. I have no idea how flexible are the current > implementations. > > Any ideas on how to proceed here are welcome. > > -jose > >
Received on Tuesday, 19 October 2004 17:31:47 UTC