Re: Matter of DN and what's possible

On 1/8/12 6:15 PM, Mo McRoberts wrote:
> On 8 Jan 2012, at 23:07, Kingsley Idehen wrote:
>
>> On 1/8/12 5:52 PM, Mo McRoberts wrote:
>>>> What we need to get people to understand somehow is the fact that you can have a URL (a Locator) and a generic URI (Name) in a cert such that publishers can make descriptor resources for cert. subjects -- using URIs as subject names --  and then publish to network resources addresses identified using URLs.  Doing this reduces publisher tedium inevitably introduced by  Linked Data nuances re., de-referencable URI based names.
>>> I asked previously that you post an example cert (don't worry about the key material, obviously) which shows what you mean — i.e., what things you'd put where and how you believe they should be processed.
>>>
>> Based on my reply to Peter, we will make a cert that just uses the less controversial Subject Information Access extension. The semantics of this cert. element covers exactly what I need i.e., a place for URLs that resolve to resources bearing directed graphs where attribute=value or predicate=object pairs coalesce around identifiers for the cert. subject, as placed in SAN .
> If I'm understanding correctly, you're saying (for example), that sIA might contain a URL,

Yep!

This reference (an Address) resolves to a profile resource bearing 
claims mirror.
> while the sAN contains the URI of the certificate holder which appears within the document published at the sIA URL?

Yep!

Then you completely solve burden problem for publishers re. Linked Data 
publishing nuances that ultimately introduce control problems, as 
already demonstrated by Peter's experiments.

>
> M.
>

-- 

Regards,

Kingsley Idehen	
Founder&  CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen