> From: owner-openssl-us...@openssl.org On Behalf Of Jeffrey Walton > Sent: Tuesday, July 08, 2014 20:33
> On Tue, Jul 8, 2014 at 7:00 PM, Dave Thompson <dthomp...@prinpay.com> > wrote: > >> From: owner-openssl-us...@openssl.org On Behalf Of Jeffrey Walton > >> Sent: Tuesday, July 08, 2014 16:20 > > ... > >> Not sure if this is any consolation, but countryName is a > >> DirectoryString, and PrintableString is OK per RFC 5280 > >> (http://tools.ietf.org/html/rfc5280#section-4.1.2.6): > > > > Actually it's not. 4.1.2.4 Issuer says Name.RDN.AVA values are > > 'generally' DirectoryString, but see appendix A on p115: > > countryName is PrintableString size(2), presumably because its > > allowed values are from ISO 3166 which in turn uses ASCII letters. > So countryName is not PrintableString? > countryName IS PrintableString. countryName is specified as exactly PrintableString, unlike other fields which are specified as DirectoryString where DirectoryString is CHOICE that includes PrintableString as one option so those fields MAY BE PrintableString. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
