On Sun, May 13, 2012 at 4:31 PM, Thomas Anderson <zeln...@gmail.com> wrote:
> On Sun, May 13, 2012 at 2:00 PM, Jeffrey Walton <noloa...@gmail.com> wrote:
>> On Sun, May 13, 2012 at 1:55 PM, Thomas Anderson <zeln...@gmail.com> wrote:
>>> openssl probably just doesn't recognize that OID. Here's what
>>> phpseclib (the latest SVN) shows for that particular extension:
>>>
>>> [8] => Array
>>> (
>>> [extnId] => id-ce-subjectAltName
>>> [critical] =>
>>> [extnValue] => Array
>>> (
>>> [0] => Array
>>> (
>>> [otherName] => Array
>>> (
>>> [type-id] => 1.3.6.1.4.1.311.20.2.3
>>> [value] => t...@kontorlan.tag.no
>>> )
>>>
>>> )
>>>
>>> )
>>>
>>> )
>>>
>>> Here's a link to phpsecllib: http://phpseclib.sourceforge.net/
>>>
>> Its private (4) for an enterprise (1):
>> http://www.oid-info.com/cgi-bin/display?oid=1.3.6.1.4.1.311.20.2.3&action=display
>>
>> OpenSSL cannot possibly know how to interpret the (311) (20) (2)
>> branch or the (3) leaf node.
>
> Hmmm. Weird. asn1parse doesn't seem to mind. Here's how that parses
> the subjAltName extension:
>
> 0:d=0 hl=2 l= 39 cons: SEQUENCE
> 2:d=1 hl=2 l= 37 cons: cont [ 0 ]
> 4:d=2 hl=2 l= 10 prim: OBJECT :Microsoft Universal
> Principal Name
> 16:d=2 hl=2 l= 23 cons: cont [ 0 ]
> 18:d=3 hl=2 l= 21 prim: UTF8STRING
Yes, it can probably be parsed by any ASN.1 parser. But the OID is
private - only the organization knows how to interpret it (or what to
do with it).
:��I"Ϯ��r�m����
(����Z+�K�+����1���x��h����[�z�(����Z+���f�y�������f���h��)z{,���