Tuesday, August 8, 2017

Photo tour of Activity in Montreal, Quebec

Without a community to apply Open Value Networks to, which are core to this blog, it remains just theory. Tiberius Brastaviceanu is a global leader in this domain. Thus, here are some pictures of touring around with Tiberius Brastaviceanu and his friends in Montreal:

Sensorica Community Space organized by Value Networks (http://valuenetwork.referata.com/wiki/Main_Page)



























Montreal Fab Lab:














Helios MakerSpace:


Sensorica is pulling together with other activity in the area, including the
Verdun Project:


See: High level considerations for Verdun Project legal structure and Governance  -- Tiberius Brastaviceanu

https://www.youtube.com/watch?v=x0p3Fa2wAUg&feature=youtu.be









Friday, November 25, 2016

Latest Node Solid server Installation Notes

On a recent install, I tried first updating node with the n program available with npm. (https://davidwalsh.name/upgrade-nodejs)

I then tried https://github.com/solid/node-solid-server  with the command
npm install -g solid-server . 
 
I got the following log:
 
npm install -g solid-server
npm WARN deprecated node-uuid@1.4.7: use uuid module instead
/home/brent/.nvm/versions/node/v6.2.2/bin/solid -> 
/home/brent/.nvm/versions/node/v6.2.2/lib/node_modules/
solid-server/bin/solid.js

> spawn-sync@1.0.15 postinstall 
/home/brent/.nvm/versions/node/v6.2.2/lib
/node_modules/solid-server/node_modules/spawn-sync
> node postinstall


> solid-permissions@0.4.2 postinstall 
/home/brent/.nvm/versions/node/v6.2.2/lib/
node_modules/solid-server/node_modules/solid-permissions
> npm run build


> solid-permissions@0.4.2 build /home/brent/
.nvm/versions/node/v6.2.2/lib/node_modules/solid-server/
node_modules/solid-permissions
> babel src -d lib

src/acl-group.js -> lib/acl-group.js
src/authorization.js -> lib/authorization.js
src/index.js -> lib/index.js
src/permission-set.js -> lib/permission-set.js
- readable-stream@2.0.6 node_modules/solid-server/
node_modules/bl/node_modules/readable-stream
- bl@1.1.2 node_modules/solid-server/node_modules/bl
- cookie@0.2.3 node_modules/solid-server
/node_modules/express-session/node_modules/cookie
- qs@6.2.0 node_modules/solid-server/node_modules/express/node_modules/qs
isarray@1.0.0 node_modules/solid-server/node_modules/bl/node_modules/isarray 
-> node_modules/solid-server/node_modules/readdirp/node_modules/isarray
- http-errors@1.5.0 node_modules/solid-server/
node_modules/send/node_modules/http-errors
/home/brent/.nvm/versions/node/v6.2.2/lib
└─┬ solid-server@3.3.0 
  ├─┬ body-parser@1.15.2 
  │ ├── bytes@2.4.0 
  │ ├── debug@2.2.0 
  │ ├─┬ http-errors@1.5.1 
  │ │ ├── setprototypeof@1.0.2 
  │ │ └── statuses@1.3.1 
  │ ├── qs@6.2.0 
  │ ├── raw-body@2.1.7 
  │ └── type-is@1.6.14 
  ├── cors@2.8.1 
  ├─┬ debug@2.3.3 
  │ └── ms@0.7.2 
  ├─┬ express@4.14.0
  │ ├── debug@2.2.0 
  │ ├─┬ finalhandler@0.5.0
  │ │ └── debug@2.2.0 
  │ └─┬ send@0.14.1
  │   └── debug@2.2.0 
  ├─┬ express-session@1.14.2 
  │ ├── crc@3.4.1 
  │ └── debug@2.2.0 
  ├─┬ from2@2.3.0 
  │ ├── inherits@2.0.3 
  │ └── readable-stream@2.2.2 
  ├─┬ fs-extra@0.30.0
  │ ├── graceful-fs@4.1.11 
  │ ├── jsonfile@2.4.0 
  │ ├── klaw@1.3.1 
  │ └── path-is-absolute@1.0.1 
  ├─┬ glob@7.1.1 
  │ ├── inflight@1.0.6 
  │ ├─┬ minimatch@3.0.3 
  │ │ └─┬ brace-expansion@1.1.6 
  │ │   └── balanced-match@0.4.2 
  │ └── once@1.4.0 
  ├─┬ inquirer@1.2.3 
  │ ├─┬ external-editor@1.1.1 
  │ │ ├─┬ spawn-sync@1.0.15 
  │ │ │ ├── concat-stream@1.5.2 
  │ │ │ └── os-shim@0.1.3 
  │ │ └─┬ tmp@0.0.29 
  │ │   └── os-tmpdir@1.0.2 
  │ ├── lodash@4.17.2 
  │ └─┬ string-width@1.0.2 
  │   ├── code-point-at@1.1.0 
  │   └─┬ is-fullwidth-code-point@1.0.0
  │     └── number-is-nan@1.0.1 
  ├── li@1.1.0 
  ├─┬ mime-types@2.1.13 
  │ └── mime-db@1.25.0 
  ├── moment@2.17.0 
  ├── node-forge@0.6.45 
  ├─┬ nodemailer@2.6.4 
  │ ├── libmime@2.1.0 
  │ ├─┬ mailcomposer@3.12.0 
  │ │ └── buildmail@3.10.0 
  │ ├─┬ nodemailer-direct-transport@3.3.2 
  │ │ └── smtp-connection@2.12.0 
  │ ├─┬ nodemailer-shared@1.1.0 
  │ │ └── nodemailer-fetch@1.6.0 
  │ ├─┬ nodemailer-smtp-pool@2.8.2 
  │ │ └── nodemailer-wellknown@0.1.10 
  │ ├── nodemailer-smtp-transport@2.7.2 
  │ └─┬ socks@1.1.9
  │   └── ip@1.1.4 
  ├── rdflib@0.10.0 
  ├─┬ request@2.79.0 
  │ ├── aws4@1.5.0 
  │ ├─┬ form-data@2.1.2 
  │ │ └── asynckit@0.4.0 
  │ ├─┬ har-validator@2.0.6
  │ │ └─┬ is-my-json-valid@2.15.0 
  │ │   └── jsonpointer@4.0.0 
  │ ├─┬ http-signature@1.1.1
  │ │ ├─┬ jsprim@1.3.1 
  │ │ │ └── json-schema@0.2.3 
  │ │ └─┬ sshpk@1.10.1 
  │ │   ├── bcrypt-pbkdf@1.0.0 
  │ │   ├── dashdash@1.14.1 
  │ │   └── tweetnacl@0.14.3 
  │ ├── qs@6.3.0 
  │ ├── tough-cookie@2.3.2 
  │ └── uuid@3.0.0 
  ├── rimraf@2.5.4 
  ├─┬ solid-namespace@0.1.0 
  │ └── rdf-ns@0.1.0 
  ├─┬ solid-permissions@0.4.2 
  │ ├─┬ babel-cli@6.18.0 
  │ │ ├─┬ babel-core@6.18.2 
  │ │ │ ├─┬ babel-code-frame@6.16.0 
  │ │ │ │ ├── esutils@2.0.2 
  │ │ │ │ └── js-tokens@2.0.0 
  │ │ │ ├─┬ babel-generator@6.19.0 
  │ │ │ │ ├─┬ detect-indent@4.0.0 
  │ │ │ │ │ └─┬ repeating@2.0.1 
  │ │ │ │ │   └── is-finite@1.0.2 
  │ │ │ │ └── jsesc@1.3.0 
  │ │ │ ├── babel-helpers@6.16.0 
  │ │ │ ├── babel-messages@6.8.0 
  │ │ │ ├── babel-template@6.16.0 
  │ │ │ ├─┬ babel-traverse@6.19.0 
  │ │ │ │ ├── globals@9.14.0 
  │ │ │ │ └─┬ invariant@2.2.2 
  │ │ │ │   └── loose-envify@1.3.0 
  │ │ │ ├─┬ babel-types@6.19.0 
  │ │ │ │ └── to-fast-properties@1.0.2 
  │ │ │ ├── babylon@6.14.1 
  │ │ │ ├── json5@0.5.0 
  │ │ │ └── private@0.1.6 
  │ │ ├─┬ babel-polyfill@6.16.0 
  │ │ │ ├── core-js@2.4.1 
  │ │ │ └── regenerator-runtime@0.9.6 
  │ │ ├─┬ babel-register@6.18.0 
  │ │ │ ├─┬ home-or-tmp@2.0.0 
  │ │ │ │ └── os-homedir@1.0.2 
  │ │ │ ├─┬ mkdirp@0.5.1 
  │ │ │ │ └── minimist@0.0.8 
  │ │ │ └── source-map-support@0.4.6 
  │ │ ├── babel-runtime@6.18.0 
  │ │ ├─┬ chokidar@1.6.1 
  │ │ │ ├─┬ anymatch@1.3.0 
  │ │ │ │ ├── arrify@1.0.1 
  │ │ │ │ └─┬ micromatch@2.3.11 
  │ │ │ │   ├─┬ arr-diff@2.0.0 
  │ │ │ │   │ └── arr-flatten@1.0.1 
  │ │ │ │   ├── array-unique@0.2.1 
  │ │ │ │   ├─┬ braces@1.8.5 
  │ │ │ │   │ ├─┬ expand-range@1.8.2 
  │ │ │ │   │ │ └─┬ fill-range@2.2.3 
  │ │ │ │   │ │   ├── is-number@2.1.0 
  │ │ │ │   │ │   ├─┬ isobject@2.1.0 
  │ │ │ │   │ │   │ └── isarray@1.0.0 
  │ │ │ │   │ │   ├── randomatic@1.1.6 
  │ │ │ │   │ │   └── repeat-string@1.6.1 
  │ │ │ │   │ ├── preserve@0.2.0 
  │ │ │ │   │ └── repeat-element@1.1.2 
  │ │ │ │   ├─┬ expand-brackets@0.1.5 
  │ │ │ │   │ └── is-posix-bracket@0.1.1 
  │ │ │ │   ├── extglob@0.3.2 
  │ │ │ │   ├── filename-regex@2.0.0 
  │ │ │ │   ├── kind-of@3.0.4 
  │ │ │ │   ├── normalize-path@2.0.1 
  │ │ │ │   ├─┬ object.omit@2.0.1 
  │ │ │ │   │ ├─┬ for-own@0.1.4 
  │ │ │ │   │ │ └── for-in@0.1.6 
  │ │ │ │   │ └── is-extendable@0.1.1 
  │ │ │ │   ├─┬ parse-glob@3.0.4 
  │ │ │ │   │ ├── glob-base@0.3.0 
  │ │ │ │   │ └── is-dotfile@1.0.2 
  │ │ │ │   └─┬ regex-cache@0.4.3 
  │ │ │ │     ├── is-equal-shallow@0.1.3 
  │ │ │ │     └── is-primitive@2.0.0 
  │ │ │ ├── async-each@1.0.1 
  │ │ │ ├── glob-parent@2.0.0 
  │ │ │ ├─┬ is-binary-path@1.0.1 
  │ │ │ │ └── binary-extensions@1.7.0 
  │ │ │ ├─┬ is-glob@2.0.1 
  │ │ │ │ └── is-extglob@1.0.0 
  │ │ │ └─┬ readdirp@2.1.0 
  │ │ │   ├── readable-stream@2.2.2 
  │ │ │   └── set-immediate-shim@1.0.1 
  │ │ ├── convert-source-map@1.3.0 
  │ │ ├── fs-readdir-recursive@1.0.0 
  │ │ ├── glob@5.0.15 
  │ │ ├── output-file-sync@1.1.2 
  │ │ ├── slash@1.0.0 
  │ │ └─┬ v8flags@2.0.11 
  │ │   └── user-home@1.1.1 
  │ └─┬ babel-preset-es2015@6.18.0 
  │   ├── babel-plugin-check-es2015-constants@6.8.0 
  │   ├── babel-plugin-transform-es2015-arrow-functions@6.8.0 
  │   ├── babel-plugin-transform-es2015-block-scoped-functions@6.8.0 
  │   ├── babel-plugin-transform-es2015-block-scoping@6.18.0 
  │   ├─┬ babel-plugin-transform-es2015-classes@6.18.0 
  │   │ ├── babel-helper-define-map@6.18.0 
  │   │ ├── babel-helper-function-name@6.18.0 
  │   │ ├── babel-helper-optimise-call-expression@6.18.0 
  │   │ └── babel-helper-replace-supers@6.18.0 
  │   ├── babel-plugin-transform-es2015-computed-properties@6.8.0 
  │   ├── babel-plugin-transform-es2015-destructuring@6.19.0 
  │   ├── babel-plugin-transform-es2015-duplicate-keys@6.8.0 
  │   ├── babel-plugin-transform-es2015-for-of@6.18.0 
  │   ├── babel-plugin-transform-es2015-function-name@6.9.0 
  │   ├── babel-plugin-transform-es2015-literals@6.8.0 
  │   ├── babel-plugin-transform-es2015-modules-amd@6.18.0 
  │   ├─┬ babel-plugin-transform-es2015-modules-commonjs@6.18.0 
  │   │ └── babel-plugin-transform-strict-mode@6.18.0 
  │   ├─┬ babel-plugin-transform-es2015-modules-systemjs@6.19.0 
  │   │ └── babel-helper-hoist-variables@6.18.0 
  │   ├── babel-plugin-transform-es2015-modules-umd@6.18.0 
  │   ├── babel-plugin-transform-es2015-object-super@6.8.0 
  │   ├─┬ babel-plugin-transform-es2015-parameters@6.18.0 
  │   │ ├── babel-helper-call-delegate@6.18.0 
  │   │ └── babel-helper-get-function-arity@6.18.0 
  │   ├── babel-plugin-transform-es2015-shorthand-properties@6.18.0 
  │   ├── babel-plugin-transform-es2015-spread@6.8.0 
  │   ├─┬ babel-plugin-transform-es2015-sticky-regex@6.8.0 
  │   │ └── babel-helper-regex@6.18.0 
  │   ├── babel-plugin-transform-es2015-template-literals@6.8.0 
  │   ├── babel-plugin-transform-es2015-typeof-symbol@6.18.0 
  │   ├─┬ babel-plugin-transform-es2015-unicode-regex@6.11.0 
  │   │ └─┬ regexpu-core@2.0.0 
  │   │   ├── regenerate@1.3.2 
  │   │   ├── regjsgen@0.2.0 
  │   │   └─┬ regjsparser@0.1.5 
  │   │     └── jsesc@0.5.0 
  │   └── babel-plugin-transform-regenerator@6.16.1 
  ├─┬ solid-ws@0.2.2
  │ └─┬ ws@0.8.1
  │   └─┬ bufferutil@1.2.1
  │     └── nan@2.4.0 
  ├── string@3.3.3 
  ├─┬ uid-safe@2.1.3 
  │ ├── base64-url@1.3.3 
  │ └── random-bytes@1.0.0 
  ├── uuid@2.0.3 
  └─┬ webid@0.3.7
    └─┬ rdflib@0.2.11
      ├─┬ browserify@13.1.1 
      │ ├─┬ browser-pack@6.0.2 
      │ │ └─┬ combine-source-map@0.7.2
      │ │   └── convert-source-map@1.1.3 
      │ ├─┬ browserify-zlib@0.1.4
      │ │ └── pako@0.2.9 
      │ ├─┬ buffer@4.9.1 
      │ │ ├── base64-js@1.2.0 
      │ │ └── ieee754@1.1.8 
      │ ├── cached-path-relative@1.0.0 
      │ ├─┬ crypto-browserify@3.11.0
      │ │ ├─┬ browserify-sign@4.0.0
      │ │ │ ├── bn.js@4.11.6 
      │ │ │ ├─┬ elliptic@6.3.2 
      │ │ │ │ └── brorand@1.0.6 
      │ │ │ └─┬ parse-asn1@5.0.0
      │ │ │   └── asn1.js@4.9.0 
      │ │ ├─┬ create-hash@1.1.2
      │ │ │ └── cipher-base@1.0.3 
      │ │ └── pbkdf2@3.0.9 
      │ ├─┬ duplexer2@0.1.4
      │ │ └── readable-stream@2.2.2 
      │ ├── events@1.1.1 
      │ ├─┬ insert-module-globals@7.0.1
      │ │ └── is-buffer@1.1.4 
      │ ├── JSONStream@1.2.1 
      │ ├─┬ labeled-stream-splicer@2.0.0
      │ │ └─┬ stream-splicer@2.0.0
      │ │   └── readable-stream@2.2.2 
      │ ├─┬ module-deps@4.0.8 
      │ │ ├─┬ detective@4.3.2 
      │ │ │ └── acorn@3.3.0 
      │ │ ├── readable-stream@2.2.2 
      │ │ └─┬ stream-combiner2@1.1.1
      │ │   └── readable-stream@2.2.2 
      │ ├── process@0.11.9 
      │ ├─┬ read-only-stream@2.0.0
      │ │ └── readable-stream@2.2.2 
      │ ├── readable-stream@2.2.2 
      │ ├─┬ shasum@1.0.2
      │ │ └── sha.js@2.4.8 
      │ ├─┬ stream-browserify@2.0.1
      │ │ └── readable-stream@2.2.2 
      │ ├─┬ stream-http@2.5.0 
      │ │ └── readable-stream@2.2.2 
      │ ├─┬ subarg@1.0.0
      │ │ └── minimist@1.2.0 
      │ └─┬ util@0.10.3
      │   └── inherits@2.0.1 
      └── coffee-script@1.11.1 

npm WARN optional Skipping failed optional dependency /solid-server/chokidar/fsevents:
npm WARN notsup Not compatible with your operating system or architecture: fsevents@1.0.15
 
Investigating I found fsevents at https://www.npmjs.com/package/fsevents . It is 
developed for OSX. 

Thursday, August 25, 2016

Steps Taken for Creating a Self-Signed Certificate targeted for SOLiD with OpenSSL

[1] Modify /etc/ssl/openssl.cnf

[2] Add under [ v3_ca ] the line:
subjectAltName=URI:'http://bshambaugh.org/profile#me'

basicConstraints = CA:false


[3] openssl 2048 > localhost.key

[4] openssl req -new -x509 -nodes -sha256 \-days 3650 -key localhost.key -subj '/O=WebID/CN=Brent Shambaugh/' > localhost.crt


[5] openssl x509 -noout -text -in localhost.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12316411301973396186 (0xaaecaed2f1bb0ada)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=WebID, CN=Brent Shambaugh
        Validity
            Not Before: Aug 25 15:07:43 2016 GMT
            Not After : Aug 23 15:07:43 2026 GMT
        Subject: O=WebID, CN=Brent Shambaugh
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c4:1f:69:30:21:88:e6:13:f3:df:09:e5:cd:50:
                    68:59:9e:5c:c6:f8:90:45:b5:1a:b6:c1:cf:d6:86:
                    25:b6:52:bc:58:59:36:1d:1e:ca:34:5c:47:37:a3:
                    23:e9:f9:de:bd:53:44:2f:dd:18:38:b0:de:19:10:
                    73:79:5c:70:8c:3c:44:22:e7:64:06:ff:83:c8:2f:
                    ca:ab:7a:13:e9:13:55:c7:ed:b2:75:cb:d4:93:d6:
                    ef:1a:25:c3:ed:74:cb:3a:9f:2d:a6:c8:61:83:f7:
                    04:e1:af:4c:d9:a5:93:fa:0c:21:cd:5f:cc:86:21:
                    8f:8f:63:bc:ba:0c:c0:b8:41:d4:5e:2a:16:b5:cb:
                    48:d1:29:be:e3:ff:36:3f:22:a3:34:d8:4c:06:0e:
                    96:58:38:75:da:40:83:cb:1f:e0:7b:6f:b1:00:dc:
                    63:21:22:a4:6d:39:89:e6:3d:79:ca:ff:7f:10:4f:
                    16:b0:43:6f:26:f6:04:bb:69:49:87:ac:15:cc:8a:
                    24:40:df:74:92:28:d5:83:5d:77:43:3c:7a:31:2f:
                    32:8a:51:e2:dd:c0:d3:8b:a5:95:45:50:4f:2f:6d:
                    fa:d1:6d:e6:02:db:19:3a:2d:ca:60:11:bd:53:14:
                    98:74:4a:90:52:16:c2:87:d8:c2:f9:cb:fe:63:fe:
                    e3:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:BB:34:0C:42:38:F8:8E:A1:E7:D7:B9:05:30:2B:BF:49:AD:74:4C
            X509v3 Authority Key Identifier:
                keyid:35:BB:34:0C:42:38:F8:8E:A1:E7:D7:B9:05:30:2B:BF:49:AD:74:4C

            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Subject Alternative Name:
                URI:http://bshambaugh.org/profile#me
    Signature Algorithm: sha256WithRSAEncryption
         0f:b3:65:41:cc:d1:9f:81:a4:62:be:80:7f:f1:0a:ee:b2:24:
         85:d3:b2:41:e6:f6:e3:10:e4:72:61:d0:d5:5e:07:71:ef:63:
         6d:43:5b:ea:e1:77:9e:66:05:f2:de:17:c1:b7:9c:7b:91:d8:
         41:45:a2:b3:1e:f8:c1:41:c0:58:6f:f3:43:22:7c:a8:17:8d:
         b7:51:ae:b8:fc:5d:2f:bb:88:ae:b4:8e:d4:65:fe:8d:05:95:
         09:ec:c5:42:04:9d:ce:f7:25:f7:02:b5:87:54:46:d7:9f:90:
         ad:e3:6a:8e:bc:17:a1:33:b1:47:bd:a2:99:69:ef:b3:47:72:
         63:07:be:4a:fe:6e:c4:0e:59:f9:14:c7:49:0b:97:d6:13:97:
         0f:d7:52:e2:c8:19:54:24:a0:fb:54:2e:a7:12:d7:f2:e8:e7:
         1e:26:62:7f:0f:2f:58:ed:f4:fb:7a:e1:21:4b:e1:e0:0c:f2:
         36:ab:cd:a2:ab:f5:25:14:55:b1:78:95:b4:23:af:e2:ce:95:
         28:07:21:5e:74:2e:7d:1b:67:b1:67:66:9e:49:22:9e:82:2f:
         9a:64:eb:53:41:ee:0f:ce:18:0e:80:94:f0:4a:5d:ab:50:fc:
         f3:4d:5c:94:e4:7f:82:c0:65:8d:1e:1f:0e:21:ca:c5:a4:77:
         29:f7:c3:ee

------------
Inspiration: http://stackoverflow.com/questions/21488845/how-can-i-generate-a-self-signed-certificate-with-subjectaltname-using-openssl
Reference: https://tools.ietf.org/html/rfc5280

-------------------

The idea is to embed this in the php exec() or shell_exec() function. If this does not work satisfactorily of if Node.js is desired instead try https://www.npmjs.com/package/webid

Wednesday, August 24, 2016

Question about creating a certificate for SOLiD

I'm trying to use PHP to create a certificate for SOLiD.  It is not immediately clear to me how to set things other than distinguished name. I'm after "subject alternative name" etc. I see it here with openssl (http://blog.endpoint.com/2014/10/openssl-csr-with-alternative-names-one.html) but not with php
( http://php.net/manual/en/ref.openssl.php ). The functionality may not built into php. I may need to use the exec or shell_exec php function.

Also see: http://stackoverflow.com/questions/29861501/using-exec-with-php-to-run-a-command

Saturday, July 23, 2016

Candidate Resources for Cryptography for use with custom SOLiD

PHP:

http://php.net/manual/en/book.openssl.php

http://phpseclib.sourceforge.net/x509/guide.html

http://phpseclib.sourceforge.net/x509/guide.html#selfsigned

( Reference: https://en.wikipedia.org/wiki/X.509 )

JavaScript:

[SSL Client Authentication in Node.js]    
http://nategood.com/nodejs-ssl-client-cert-auth-api-rest

[Client Side Certificate Auth in Nginx]
http://blog.nategood.com/client-side-certificate-authentication-in-ngi

[List of JavaScript Crypto Libraries]
https://gist.github.com/jo/8619441

[Stanford JavaScript Crypto Library]
https://crypto.stanford.edu/sjcl/ -> https://github.com/bitwiseshiftleft/sjcl 



HTML5 Keygen

[Client Certificates and the HTML5 keygen Tag]
http://orcaman.blogspot.com/2013/12/client-certificates-and-html5-kegen-tag.html?m=1

    A demo:
    https://openweb.or.kr/html5/index_en.php
    which points to:
    https://openweb.or.kr/html5/download.txt

    (useful: see setting www-data permissions: http://stackoverflow.com/questions/9133024/www-data-permissions,
http://www.cyberciti.biz/faq/ubuntu-add-user-to-group-www-data/)
guess:sudo chown -RW www-data ./demoCA
 
    which is related to:
    https://github.com/melvincarvalho/foafssl/blob/master  /simpleCreateClientCertificate.php

 see especially (https://github.com/melvincarvalho/foafssl/blob/master/cert.php), and compare it to the first link (http://php.net/manual/en/book.openssl.php)


    https://lists.w3.org/Archives/Public/public-xg-webid/2011Aug/0042.html