RE: WebIDRealm

the distinction between the reference to the object (in the directory or web) and some label property in said object (once referenced) is confusing becuase folks do exactly what you just did, yourself. You happened to do it with something you regard as legacy (and you justify then abusing it, to make coding simple).

 

You took a DN, from a cert, which is a reference. Unlike a DirectoryName type (that is printable), an DN is not. Its a pure machine-readable reference to a directory object, at which point one learns all the other properties of the thing the ref just located - including printable properties. Then one prints them, or uses them in better class UI.

 

You just did exactly to certs DN field what you complained folks do with URIs.

 

Obviously, Im being formal (and pretty anal). Of course, the world just does what you do, incorrectly. But they dont whine (accepting we are all imperfect, and do "what works" with minimal effort)

 

If you want the subject field of a cert to associate (correctly) with a UI-representation, use the correct type in the SAN. One type someone defined yonkjs ago (albeit in microsoft-land only, and in the days before 2000 and X.509 got SANs formally) has an HTML in the cert, so its web friendly. Then, this cert extension provides the bit of HTML that makes the UI behave correctly. I've been using it to convey a bit of signed RDFa for a while now (in MSFT land, only)

 

 

 

 

 

  		 	   		  

Received on Monday, 2 January 2012 17:48:44 UTC