Bug Report OpenSSL 1.0.0 encodes the DN attribute rfc822Mailbox, also known as "mail", "MAIL", or 0.9.2342.19200300.100.1.3, as a DirectoryString (specifically, a TeletexString/T61String) when it contains characters such as the @ symbol.
However, the RFCs on the topic (1274, 4524) are consistent in specifying this attribute as an IA5String, just like E/emailAddress. The change should hopefully be a "quick fix" rather than something terribly involved... Steps to reproduce: ********* openssl req -new -x509 ... config: [ req ] distinguished_name = req_dn [ req_dn ] mail = here...@mailaddress.org emailAddress = here...@mailaddress.org ********* The output DN will encode emailAddress as IA5String, but mail as TeletexString. -Sean ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org