On Mon, Feb 13, 2006 at 08:03:41PM +0100, Dr. Stephen Henson wrote:
> On Mon, Feb 13, 2006, [EMAIL PROTECTED] wrote:
>
> > Hi everybody!
> >
> > Here is the sample code:
> >
> > int nid;
> > nid = OBJ_create("1.2.3.4", "MyAlias", "My Test
> > Alias Extension");
> > X509V3_EXT_add_alias(nid, NID_netscape_comment);
> > add_ext(x, nid, "Test Extension...");
> >
> > It works fine :) But I want to change the first
> > parameter in OBJ_create() and I fail there. As I think,
> > it have to be in some special format, but I can't found
> > any info about it.
> >
>
> It is the stndard dotted form of an OBJECT IDENTIFIER.
>
> Roughly speaking a sequence of two or more non-negative integers separated by
> dots.
>
> The first number can be 0, 1 or 2.
>
> The second 0 to 39 unless the first number is 2 in which case it can take any
> value.
>
> Subsequent numbers can take any value, though it is usual to keep them
> relatively small (say 32 bits maximum).
>
> The first few digits are often reserved for certain origanizations and they
> can
> define the meaning of objects within their "arc".
>
> You shouldn't therefore just make up a random set of digits especially if it
> to appear in anything public.
2.25.x is unregulated and therefore you can drop anything down there
without having to apply.
The risk is that your ids will collide with someone else's so you must
be careful parsing extensions.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
