The node-solid-server implements WAC ACLs using simple append of .acl to the resource URI. It seems to consistently return a URI with .acl appended to in Link: <...>; rel="acl" even if the resource being requested does not exist or is already and ACL!
Easy download and run:
mkdir solid
cd solid
npm install -g solid-server
# generate key for local use
openssl genrsa 2048 > localhost.key
openssl req -new -x509 -nodes -sha256 -days 3650 -key localhost.key -subj '/CN=*.localhost' > localhost.cert
# clear all state (if any previous run) and restart
rm -rf data; mkdir data
solid start --root data --port 8443 --ssl-key localhost.key --ssl-cert localhost.cert
# can then access on web at https://localhost:8443/
Test cases after creating an account via web UI:
> curl --insecure -I https://localhost:8443/profile/card
HTTP/1.1 200 OK
...
Link: <card.acl>; rel="acl", <card.meta>; rel="describedBy", <http://www.w3.org/ns/ldp#Resource>; rel="type"
> curl --insecure -I https://localhost:8443/profile/card.acl
HTTP/1.1 200 OK
...
Link: <card.acl.acl>; rel="acl", <card.acl.meta>; rel="describedBy", <http://www.w3.org/ns/ldp#Resource>; rel="type"
> curl --insecure -I https://localhost:8443/whatever.acl.acl.acl
HTTP/1.1 401 Unauthorized
...
Link: <whatever.acl.acl.acl.acl>; rel="acl", <whatever.acl.acl.acl.meta>; rel="describedBy", <http://www.w3.org/ns/ldp#Resource>; rel="type"
(One can mess about with the data by editing files under data while the server is running. The server doesn't seem to cache any resource state.)