[EMAIL PROTECTED] - Wed Jan 22 11:51:52 2003]: > Hi, > > would it be possible to implement a slightly more general > X500 name compare in OpenSSL ? Currently OpenSSL accepts only > strings with the same encoding type (i.e. OpenSSL compares > only PRINTABLE with PRINTABLE and not PRINTABLE with T61STRING, > although every PRINTABLE string is also a T61STRING). Could > OpenSSL be modified (see attached patch) to allow a comparison > between PRINTABLE and T61STRING, IA5STRING or UTF8STRING > (<=> with supersets of PRINTABLE) ? Comments are welcome. >
I've committed an equivalent patch to 0.9.7 and 0.9.8 which is designed to handle some CAs that reecode DNs to UTF8 without issuing name rollover certificates. Steve. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
