> On Fri, Dec 12, 2008 at 2:02 PM, Victor Duchovni
> <victor.ducho...@morganstanley.com> wrote:
>> On Fri, Dec 12, 2008 at 10:46:20PM +0100, Matteo Cazzador wrote:
>>
>>> >Correctly implemented certificate parsers will display UTF8 encodings
>>> to
>>> >the user in a way that the user can understand. The code-points are
>>> >logically
>>> >the same regardless of the encoding. UTF-8 is the only non Latin
>>> encoding
>>> >supported with X.509 DirectoryNames (e.g. CN).
>>>
>>> It's clear Thank's a lot !
>>
>> One final subtle point, the software that creates the certificate has
>> to ensure that the DirectoryString is labeled as UTF8 String. And I
>> neglected to mention that you can also use Unicode.
>
> UTF8 is an integral part of Unicode, and is never used without
> Unicode. It's a means of encoding multi-byte characters into a
> standard 8-bit communication channel, in a way that includes its own
> mini-validation ruleset. The bytes 0x00 and 0xff never ever appear in
> a UTF8-encoded string.
>
> For more information, please see The Unicode Standard, available from
> http://www.unicode.org/ .
>
> -Kyle H
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
I found this settings about openssl.conf settings is it correct ?
DirectoryString ::= CHOICE {
printableString PrintableString
teletexString TeletexString
utf8String UTF8String
bmpString BMPString
universalString UniversalString
}
--
Ing. Matteo Cazzador
NetLite snc di Cazzador Gagliardi
Email: mat...@netlite.it
Web: http://www.netlite.it
Personal Web Page: http://www.progettostema.it
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
