
Re: [foaf-protocols] WebID test suite

From: Mo McRoberts <mo.mcroberts@bbc.co.uk>
Date: Wed, 29 Jun 2011 22:17:54 +0100
Cc: Peter Williams <home_pw@msn.com>, "public-xg-webid@w3.org" <public-xg-webid@w3.org>
Message-Id: <B4FA43E2-7C36-4FDC-A31A-08DA72109224@bbc.co.uk>
To: Henry Story <henry.story@bblfish.net>

On 29 Jun 2011, at 21:59, Henry Story wrote:

> yes, but the attribute on one web site will not necessarily, and indeed usually will not, have the meaning of an attribute on another site. That is the point I am trying to make. This is true in ldap as it is of attributes in a URL.
> The "cn" above is a string of two places. Ok, so often in ldap contexts it means Common Name, but in other places it might mean Confidentiality Number, and in other places it means Chinese National, or "Centre Nucleair" etc.

CN _always_ in LDAP contexts means Common Name, just as it always means it in X.509 certs. In fact, CN, OU, C et al in an X.509 cert and in an LDAP-exposed directory aren't just equivalent, but *exactly* the same thing.

An attr=value,attr=value,attr=value Distinguished Name uses the same namespaces as the rest of the attributes and object types you'll see from any given server. The core stuff comes from the earliest specs and is well-defined and well-known - CN and DC both fall into that category.

> LDAP having evolved in closed circles, there was no pragmatic need for these to synchronise with one another (or at least only very few of them did). So one can predict that they did not. At least it is now an empirical task to work out if by chance everyone used these names the same way.

Aside from the fact that you generally don't need to care about the names themselves, there are specs for the commonly-used stuff (that's how it became commonly-used!) - hence my suggestion that you look at the schema files in an OpenLDAP installation.

ITU-land has a huge number of faults, but as the whole point of X.500 was a globally-connected telephone directory on steroids, they were pretty keen to ensure interop. LDAP follows along that path, but with the added benefits of having IETF input along the way.

Believe me, if *that* stuff didn't interop properly, then X.509 certs wouldn't have ever managed to either, and WebID wouldn't exist - it's all part of the same family :)


Mo McRoberts - Data Analyst - Digital Public Space,
Zone 1.08, BBC Scotland, 40 Pacific Quay, Glasgow G51 1DA,
Room 7066, BBC Television Centre, London W12 7RJ,
0141 422 6036 (Internal: 01-26036) - PGP key 0x663E2B4A
Received on Wednesday, 29 June 2011 21:18:20 UTC
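
The point made in the message above, that CN, OU, C and DC name the same registered attribute types in an X.509 subject and in an LDAP directory, shown as an added example (not part of the original message or of any project's code): a small RFC 4514 string-form DN parser that resolves short names to their OIDs. `parse_dn`, `ATTR_OIDS` and the sample DNs are constructed for illustration; hex-encoded (`#...`) values and per-attribute value matching rules are not handled.

```python
import re

# Standard OID assignments (X.520 / RFC 4519); the short names are only labels for these.
ATTR_OIDS = {
    "CN": "2.5.4.3", "C": "2.5.4.6", "O": "2.5.4.10", "OU": "2.5.4.11",
    "DC": "0.9.2342.19200300.100.1.25",
}

# Constructed sample DNs: X.509-style, LDAP-style and dotted-OID spellings of one name.
SAMPLES = [
    "CN=Example User,OU=People,DC=example,DC=org",
    "cn=Example User, ou=People, dc=example, dc=org",
    "2.5.4.3=Example User,2.5.4.11=People,0.9.2342.19200300.100.1.25=example,0.9.2342.19200300.100.1.25=org",
]

def _split(text, sep):
    """Split on an unescaped separator, leaving backslash escapes in place."""
    parts, cur, i = [], "", 0
    while i < len(text):
        step = 2 if text[i] == "\\" else 1
        if text[i] == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += text[i:i + step]
        i += step
    return parts + [cur]

def _unescape(raw):
    """Decode RFC 4514 escapes: backslash + hex pair (one UTF-8 byte) or + one char."""
    def decode(m):
        return bytes([int(m[1], 16)]) if len(m[1]) == 2 else m[1]
    data = re.sub(rb"\\([0-9A-Fa-f]{2}|.)", decode, raw.encode("utf-8"), flags=re.S)
    return data.decode("utf-8")

def parse_dn(dn):
    """Return the DN as a list of RDNs, each a sorted list of (oid, value) pairs."""
    rdns = []
    for rdn in _split(dn, ","):
        avas = []
        for ava in _split(rdn, "+"):
            name, eq, raw = ava.lstrip().partition("=")
            name = name.strip().upper()
            oid = name if re.fullmatch(r"\d+(\.\d+)+", name) else ATTR_OIDS.get(name)
            if not eq or oid is None:
                raise ValueError(f"bad or unknown attribute in {ava!r}")
            avas.append((oid, _unescape(raw)))
        rdns.append(sorted(avas))
    return rdns
```

All three sample spellings parse to the same OID-keyed structure, so a comparison done on the parsed form does not depend on how a given tool prints the attribute names.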
