W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2012

RE: Matter of DN and what's possible

From: Peter Williams <home_pw@msn.com>
Date: Sun, 8 Jan 2012 15:40:42 -0800
Message-ID: <SNT143-W41496FD35686507C242BC929B0@phx.gbl>
To: <mo.mcroberts@bbc.co.uk>, <kidehen@openlinksw.com>
CC: "public-xg-webid@w3.org" <public-xg-webid@w3.org>

 SAN is the users name. SIA is the pointer to the describer resource - one of whose alternates predicate's values locates the place where the .cer blob can be picked up, with the right mime type(s). Another alternate can point to the PEM encoded blob . Another can point to the .p12 wrapped form of the same blob. Another can point to the .p7m and .p7c forms of the blob (located in cert stores). Another can point to signed SAML2 entitydescriptor, with a base64 encoded element within (containing the blob(s)). There is actually a choice. One could have different access methods in the cert SIA, one per . But, somehow, I feel the semantic web describer apparatus will do a better job (and drives the integration).  
 > From: mo.mcroberts@bbc.co.uk
> Date: Sun, 8 Jan 2012 23:15:28 +0000
> CC: public-xg-webid@w3.org
> To: kidehen@openlinksw.com
> Subject: Re: Matter of DN and what's possible
> 
> 
> On 8 Jan 2012, at 23:07, Kingsley Idehen wrote:
> 
> > On 1/8/12 5:52 PM, Mo McRoberts wrote:
> >>> What we need to get people to understand somehow is the fact that you can have a URL (a Locator) and a generic URI (Name) in a cert such that publishers can make descriptor resources for cert. subjects -- using URIs as subject names --  and then publish to network resources addresses identified using URLs.  Doing this reduces publisher tedium inevitably introduced by  Linked Data nuances re., de-referencable URI based names.
> >> I asked previously that you post an example cert (don't worry about the key material, obviously) which shows what you mean  i.e., what things you'd put where and how you believe they should be processed.
> >> 
> > 
> > Based on my reply to Peter, we will make a cert that just uses the less controversial Subject Information Access extension. The semantics of this cert. element covers exactly what I need i.e., a place for URLs that resolve to resources bearing directed graphs where attribute=value or predicate=object pairs coalesce around identifiers for the cert. subject, as placed in SAN .
> 
> If I'm understanding correctly, you're saying (for example), that sIA might contain a URL, while the sAN contains the URI of the certificate holder which appears within the document published at the sIA URL?
> 
> M.
> 
> -- 
> Mo McRoberts - Technical Lead - The Space,
> 0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
> Project Office: Room 7083, BBC Television Centre, London W12 7RJ
> 
> 
> 
> 
 		 	   		  
Received on Sunday, 8 January 2012 23:43:43 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 8 January 2012 23:43:44 GMT