On 4/5/11 5:09 AM, Henry Story wrote:
I put an initial Clerezza servers up on bblfish.net with the WebId test
endpoint running here:
https://bblfish.net:8443/test/WebId [1]
This will show you
- the public key from the certificate you used, if any
- for each claimed WebId:
which were verified, failed or are still unverified
(that last option is to allow for asynchronous WebId checking )
The code for this component is in the Subversion repository here
https://svn.apache.org/repos/asf/incubator/clerezza/trunk/parent/platform.security.foafssl/test/
Currently the User Interface for the WebID test component is not good looking
and it is not machine readable. What is most needed to be able to run automated
WebID tests is to make the responses machine readable (excepting core SSL/TLS
errors thrown when for example the private key does not match the public key)
So we can use
- the cert ontology to describe the certificate
- the test ontology to describe the tests on each webid
That is the next piece I will work on.
It will then be possible for someone to put together a test agent for ISSUE-9
to try out things such as, connecting with
- a certificate that works
- a certificate with no webid that works
- a certificate with some webids that work
- certificates with WebIDs whose profile is in only one of a number of
representations
+ RDFa representation
+ rdf/xml
+ turtle
( This can then be used to build a profile of server and see what
representations it understands)
- certificates that have expired, or that are too early
- testing of support for HTTP redirects of WebIDs (when we have an idea what
the behaviour should be)
- profiles using old and new ontology
- Profiles with short cache control directives (servers should do a new http
GET at some point - my server won't and I don't think many will currently)
- others
It could then use this to put up a report on the servers abilities. Perhaps
this report could also be in machine readable format, so that test suites can
be compared automatically.
I'll work next on making my test endpoint machine readable.
Henry
[1] when it is more stable I'll move the whole instance to port 443. The 8443
port is there as a reminder that any data placed on this instance will be lost
in a not too distant future
[2] The more fine tuned clerezza ui is http://bblfish.net:8443/dashboard/
Henry,
Works fine with my "http:" scheme based WebID but doesn't seem to do so
with my "mailto:"; and "acct:" scheme based WebIDs. Anyway, I'll double
check a few things on my side re. these non "http:" scheme based WebIDs
just in case something else is amiss.
Kingsley
On 22 Mar 2011, at 23:20, bergi wrote:
Hi,
I have created a little WebID test suite. It's based on JUnit and apache
HttpClient. To test your own webid implementation you have to create an
endpoint which outputs all valid agents comma seperated. In the
default.properties file you have to change the endpoint to your own url,
the endpoint certificate to your own certificate in pem format. The
publish base url and path must point to a folder which is accessable via
your local file system and http. I'm using a local apache with a hacked
hosts file. Currently the following tests are included:
- Default (single entry in subjectAtlNames)
- MissingRdf (404 http error)
- MultipleIDs (two entries in subjectAltNames)
- WrongModulus (wrong modulus in rdf)
- WrongPublicExponent (wrong public exponent in rdf)
Issue:
http://www.w3.org/2005/Incubator/webid/track/issues/9
Download:
https://www.axolotlfarm.org/~bergi/projects/commons/test-webid-20110322.zip
Regards,
the bergi
Social Web Architect
http://bblfish.net/
--
Regards,
Kingsley Idehen
President& CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen
