On Mon, Jun 14, 2004 at 12:11:33PM -0400, Jeffrey Altman wrote: > What follows is simply my opinion but I believe it to be correct: > > The name must match the text the user entered when specifying the > desired host. As such there are multiple input forms which resolve to > the same name. Instead of using Common Name you should use > subjectAltName and provide two entries; one for each of the UTF8 > representation and the ACE representation.
But subjectAltName's dNSName is an IA5String (similarly for the URI), so you *cannot* put anything but ASCII in there currently. This is all covered in RFC3280 with an "arrgh, i18n DNS, let's solve that later" proviso :) Regards, joe ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
