[EMAIL PROTECTED] wrote:
>
> > Full_Name: Ari Suutari
...
> > Everything works
> > very well, except when a client has a certificate that has
> > scandinavian characters in subject (this is quite common actually).
> >
> > Maybe mod_ssl could have an option which turns escaping off ?
> >
...
> No, it is the other way around. Your certificates should not contain
> special characters - most apps will not handle that correctly.
Well, my view is that those applications will have to change. And if
there are problems with the standards, they will have to be changed
or replaced by new standards.
Here in Sweden, and probably in several other European countries, there
is lots of work going on defining Electronic ID's based on X.509
certificates. I expect future ID cards (maybe also your drivers license)
to be based on some SmartCard technology with ebbedded certificates
(probably several of them, for different uses).
I don't think the people working with (or using) these certificates
would expect users to change their names, addresses or whatever, just
to be able to get it to work with broken software. (I don't think there
are any major problems with the standards, just the software
implementing
them).
I agree that lots of software (mostkly of US origin) don't handle
international characters very well. But if we work around the problem
(by changing our names!!) the problems will just become worse.
> Just
> as an example, try importing such a client certificate in MSIE - if
> there is any such special chars in the CN, then it can't display the
> name.
Well, who is surprised about MSIE doing the wrong thing?
But I certainly expect more from mod/openssl.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
