On Sat, Jul 07, 2018 at 10:43:26AM +0200, Kurt Roeckx via dev-security-policy wrote: > On Sat, Jul 07, 2018 at 01:23:24AM +0000, Peter Gutmann via > dev-security-policy wrote: > > > > So for certlint I'd always warn for T61String with anything other than ASCII > > (which century are they living in? Point them at UTF8 and tell them to come > > back when they've implemented it), treat it as a probably 8859-1 string when > > checking for validity, and report an error if they try anything like > > character > > set switching and fancy escape sequences, which are pretty much guaranteed > > not > > to work (i.e. display) properly. > > I think it should generate an error on any character not defined > in 102 and the space character. So any time you try to use anything > in C0, C1 and G1, and those 6 in 102 that are not defined.
I just changed the check in x509lint to do that. Kurt _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
