Hi, I have found out in a project that the use of the short name UID in openssl, for the Unique Identifier OID defined in X520, definitively causes confusion and potentials problems.
There seem a very common use of this abreviation to designate instead the user id, defined in RFC1274. A little search on google with UID and rfc1274 shows that this what is used in LDAP products. I have been directly confronted with a confusion caused by the fact someone who wanted to insert the RFC1274 uid, just found uid in the short name handled by openssl, and inserted a X520 unique Identifier instead of what was truly intended. Unique Identifier is OID 2 5 4 45 and come from X520 User Identifier is OID 0 9 2342 19200300 100 1 1 and comes from RFC1274. 0 9 2342 19200300 100 1 34 in RFC1274 is also named unique Identifier, but seems little used. In order to avoid this name clash, the choice has been made in the LDAP world that the x500 UID would be named x500UniqueIdentifier. See for example : http://www.openldap.org/lists/ietf-ldapext/199812/msg00007.html So it would be best if openssl avoids the confusing uid abreviation and switches to something similar to x500UniqueIdentifier. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]