Hi, CT1.7.8.11 has not been validated yet. What this means is that the TC has not been proven to work with IoTivity or Lite and is therefore not required to pass for certification. The CTT will still run the test case but failing it will not prevent a Device from being certified.
To find out the Category (i.e. status) of which test cases are required and which are not, please refer to the Certification Requirements Status List (CRSL) which is on the CWG Kavi page. We can talk about the details of the test case if you want but my guess is that this test case will go away at some point based on discussions I've had with a few folks in the Security WG. Thanks, Mitch Begin forwarded message: From: t...@vinetech.co.kr<mailto:t...@vinetech.co.kr> Subject: [dev] CRUDN permission for SVRs from the devices which is not in the aclist. Date: October 24, 2018 at 7:14:34 AM EDT To: iotivity-dev@lists.iotivity.org<mailto:iotivity-dev@lists.iotivity.org> [Edited Message Follows] Hello! I'm preparing to OCF certification and testing my server using OCF Conformance Tool(2.2.0). I passed or got warning for almost tests but the only remaining test is the CT1.7.8.11. The process of the test is following(I omitted some process for convenience). 1. Four random UUIDs for DOXS, AMS, CMS and CLIENT_A is generated and added to /oic/sec/cred. 2. Set rowneruuid of /oic/sec/doxm and /oic/sec/pstat to the DOXS UUID. 3. Set rowneruuid of /oic/sec/acl2 to the AMS UUID. 4. Set rowneruuid of /oic/sec/cred to the CMS UUID. 5. Remove all the ACEs in the /oic/sec/acl2. 6. If the IUT has any Vertical Resources, ACE that provides "auth-crypt" acess with RETRIEVE is installed. 7. They tried to access each property of doxm/acl2/cred and see the access control is working properly. My question is in the aclist there is no ACE for the resources, doxm, acl2, cred. In this case, in what criteria to check the permission of the request? For example, in the test process, DOXS tries to update properties of doxm resource and it is allowed. I think that makes sense. Because DOXS owns the doxm resource. But, AMS also can update the doxm resource's properties and that's the desired result in the test. CMS also can do even AMS and CMS is not in the aclist for the doxm resource and there uuid is not in the rowneruuid in the doxm. However CLIENT_A is not allowed to update the doxm resource's properties(My server program is allowing it though. And that's why I'm not passing the test.). In summary, which client can access and do CRUDN operations when they're not in the aclist nor in the rowneruuid? Thanks. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#9962): https://lists.iotivity.org/g/iotivity-dev/message/9962 Mute This Topic: https://lists.iotivity.org/mt/27620160/21656 Group Owner: iotivity-dev+ow...@lists.iotivity.org Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
