From: Jean-Marc Desperrier <[EMAIL PROTECTED]> Note that since the short name UID exists in both "camps" and OpenSSL is somewhere in the middle, there's a definite conflict of interest here. However, most people I've talked with consider UID to be deprecated in the X.500 world, so perhaps it's not such a problem any more. Thoughts on this?
jean-marc.desperrier> Hi, jean-marc.desperrier> jean-marc.desperrier> I have found out in a project that the use of the short name UID in jean-marc.desperrier> openssl, for the Unique Identifier OID defined in X520, definitively jean-marc.desperrier> causes confusion and potentials problems. jean-marc.desperrier> jean-marc.desperrier> There seem a very common use of this abreviation to designate instead jean-marc.desperrier> the user id, defined in RFC1274. jean-marc.desperrier> A little search on google with UID and rfc1274 shows that this what is jean-marc.desperrier> used in LDAP products. jean-marc.desperrier> jean-marc.desperrier> I have been directly confronted with a confusion caused by the fact jean-marc.desperrier> someone who wanted to insert the RFC1274 uid, just found uid in the jean-marc.desperrier> short name handled by openssl, and inserted a X520 unique Identifier jean-marc.desperrier> instead of what was truly intended. jean-marc.desperrier> jean-marc.desperrier> Unique Identifier is OID 2 5 4 45 and come from X520 jean-marc.desperrier> User Identifier is OID 0 9 2342 19200300 100 1 1 and comes from RFC1274. jean-marc.desperrier> jean-marc.desperrier> 0 9 2342 19200300 100 1 34 in RFC1274 is also named unique Identifier, jean-marc.desperrier> but seems little used. jean-marc.desperrier> jean-marc.desperrier> In order to avoid this name clash, the choice has been made in the LDAP jean-marc.desperrier> world that the x500 UID would be named x500UniqueIdentifier. jean-marc.desperrier> See for example : jean-marc.desperrier> http://www.openldap.org/lists/ietf-ldapext/199812/msg00007.html jean-marc.desperrier> jean-marc.desperrier> So it would be best if openssl avoids the confusing uid abreviation and jean-marc.desperrier> switches to something similar to x500UniqueIdentifier. -- Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-733-72 88 11 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Software Engineer, GemPlus: http://www.gemplus.com/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
