I'll stick to using CERT_AsciiToName() since I use it once to generate a singleCERTName object from a fixed string (see myDNString above). The bugs you refer to seem to deal with unusual ascii formats. I won't be using it to convert a variety of Ascii formats. And it works. When will the bugs be fixed anyway?
BTW, what about the other method you suggested above: NSS compares the DER-encoded names using SECITEM_ItemsAreEqual. The DER form is also in the CERTCertificate struct. Could you give me a code snippet for generating a SECITEM from my fixed string myDNString? -- POC _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
