> Could not find a definitive answer on google, so thought it would be
> best to ask the experts :)
Its probably been discussed on the PKIX mailing list at some point
(http://mailarchive.ietf.org/arch/search/?email_list=pkix).
Keys don't use them. Certificates can use them based on the ASN.1 type.
However, I work on a C++ project, and the CA removed the CN we
requested. I'm guessing it was because of the "++" in the common name
(friendly name displayed to the user), which may have wreaked havoc on
some scripts. I've been waiting to see a BlackHat talk on it.
Jeff
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
