Is it really that common to get a random, unknown DN and expect to do something useful with it? Is it so common that it's worth defining an AIA-style name/attribute component? How often do you expect to receive a random DN without the associated cert? And when you get them, what are you expecting to do with them? Sure seems a lot easier to say "send the cert" /r$