On Mon Jul 21 20:29:47 2014, v...@v13.gr wrote: > > I'm not sure whether this change is needed at all as there's no > justification > for it.
The justification is in RFC3280 et al: "The UTF8String encoding [RFC 2279] is the preferred encoding, and all certificates issued after December 31, 2003 MUST use the UTF8String encoding of DirectoryString (except as noted below)." So in that sense OpenSSL was a bit behind the times. The configuration files were set to use UTF8 only well before then but not the default in the source. The bug is in any software which relies on the DirectoryString being a PrintableString and not in OpenSSL. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org