From: Jean-Marc Desperrier <[EMAIL PROTECTED]> The short names and long names in OpenSSL have indeed been a source of great confusion. If I don't recall to look at it before the coming weekend, please remind me.
Time to end the confusions... jean-marc.desperrier> Hi, jean-marc.desperrier> jean-marc.desperrier> I have found out in a project that the use of the short name UID in jean-marc.desperrier> openssl, for the Unique Identifier OID defined in X520, definitively jean-marc.desperrier> causes confusion and potentials problems. jean-marc.desperrier> jean-marc.desperrier> There seem a very common use of this abreviation to designate instead jean-marc.desperrier> the user id, defined in RFC1274. jean-marc.desperrier> A little search on google with UID and rfc1274 shows that this what is jean-marc.desperrier> used in LDAP products. jean-marc.desperrier> jean-marc.desperrier> I have been directly confronted with a confusion caused by the fact jean-marc.desperrier> someone who wanted to insert the RFC1274 uid, just found uid in the jean-marc.desperrier> short name handled by openssl, and inserted a X520 unique Identifier jean-marc.desperrier> instead of what was truly intended. jean-marc.desperrier> jean-marc.desperrier> Unique Identifier is OID 2 5 4 45 and come from X520 jean-marc.desperrier> User Identifier is OID 0 9 2342 19200300 100 1 1 and comes from RFC1274. jean-marc.desperrier> jean-marc.desperrier> 0 9 2342 19200300 100 1 34 in RFC1274 is also named unique Identifier, jean-marc.desperrier> but seems little used. jean-marc.desperrier> jean-marc.desperrier> In order to avoid this name clash, the choice has been made in the LDAP jean-marc.desperrier> world that the x500 UID would be named x500UniqueIdentifier. jean-marc.desperrier> See for example : jean-marc.desperrier> http://www.openldap.org/lists/ietf-ldapext/199812/msg00007.html jean-marc.desperrier> jean-marc.desperrier> So it would be best if openssl avoids the confusing uid abreviation and jean-marc.desperrier> switches to something similar to x500UniqueIdentifier. jean-marc.desperrier> jean-marc.desperrier> ______________________________________________________________________ jean-marc.desperrier> OpenSSL Project http://www.openssl.org jean-marc.desperrier> Development Mailing List [EMAIL PROTECTED] jean-marc.desperrier> Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
