Jean-Marc Desperrier wrote: > The UID of openssl is NOT the UID of RFC2253. > When openssl displays the string UID in a name, it's a > X500UniqueIdentifier, not a unserid.
Yes, I think there was a similar case a few years back when Microsoft chose "ST" as their encoding for streetAddress, when the IETF was using it for stateOrProvinceName. > Right now openssl displays userid as 0.9.2342.19200300.100.1.1 in the string >encoding of distinguished > names. Dotted decimal encoding is legal, IIRC. > So deprecating the UID/X500UniqueIdentifier will not remove any functionnality with >regard to the RFC > you're quoting. If we encode userid as anything but the string "UID" we would not be compatible with LDAP, so I still maintain that we can't simply deprecate it. I still claim the easiest way to solve this is by adding a new parameter specifically for string encodings. Objects for which there were no such parameter given would simply use the dotted decimal, which would still be legal. //oscar ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
