For a time period of days I've been attempting to chase down why MBSTRING_UTF8 got utf-8 encoded strings turned into T.61 when generating a CSR with a library, but were utf8strings when using the openssl command line tool.
Finally found it. crypto/asn1/a_strnid.c has the default global_mask set to 0xFFFFFFFFL instead of B_ASN1_UTF8STRING. Openssl.cnf has had the default set (this papers over the behaviour) to utf8 since 2005. The comments in the code (from 2004 or so) claim that the reason for the default is Netscape Navigator ( had a 2 % market share in 2004. Go compat!) It's now 2014. That is 20 years since utf8 became standard. 19 years since T.61 was considered deprecated. Please fix the default. //D.S. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
