- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Sun, 08 Jan 2012 14:20:25 -0500
- To: WebID XG <public-xg-webid@w3.org>
- Message-ID: <4F09EC79.3000302@openlinksw.com>
All, Please look at: http://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509nametype(v=vs.85).aspx . Again, I believe we can reduce Linked Data publishing complexity re. WebID by separating the identifiers that serve the role of Name from identifiers that serve the role of Address. In doing so, a publish (via an x.509) cert can assert: 1. Here is a Subject's Name (which could be an Identifier in composite or compound form, important thing is that its a key) 2. Here is the Address of a Resource that describes an x.509 cert Subject via a directed graph (negotiable representation) via existence of a "mirrored claim" (in this case relation connecting Subject Name to Public Key components). I see two routes: 1. be more flexible and imaginative about contents of DN 2. delineate between UrlName (URL) and UriName (generic URI) when dealing with a composite SAN i.e., one with many URIs. Of course, there is a 3rd route, but utterly heretic. Just adopt the same approach as Microsoft! It won't lock you into Windows. -- Regards, Kingsley Idehen Founder& CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Sunday, 8 January 2012 19:23:16 UTC