A short plea from someone who just had to dig through OpenSSL code to figure out why I was getting T.61 strings instead of UTF8Strings.

Would you _please_ and kindly change the default of global_mask in crypto/asn1/a_strnid.c from 0xFFFFFFFFL to B_ASN1_UTF8STRING?

OpenSSL upstream has had the mask set to utf8only in the config file since 2005, but kept the default in the code. This makes OpenSSL by default non-compatible with RFC5280, and is generally a headache to work with.

Kind regards,
D.S. - who just spent hours chasing that behaviour down in OpenSSL.
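A check for the symptom described in the message above, as an added example that is not part of the original message or of OpenSSL: it walks a DER-encoded X.501 Name and reports attributes encoded as T61String, BMPString or UniversalString rather than the PrintableString or UTF8String that RFC 5280 requires of conforming CAs. The function names and the sample Name are constructed for illustration.

```python
TAGS = {0x0C: "UTF8String", 0x13: "PrintableString", 0x14: "T61String",
        0x16: "IA5String", 0x1C: "UniversalString", 0x1E: "BMPString"}
DISCOURAGED = {"T61String", "UniversalString", "BMPString"}

def children(buf):
    """Split a DER byte string into its (tag, value) elements."""
    pos, out = 0, []
    while pos < len(buf):
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:                      # long-form length
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        if pos + length > len(buf):
            raise ValueError("truncated DER element")
        out.append((tag, buf[pos:pos + length]))
        pos += length
    return out

def decode_oid(b):
    first = min(b[0] // 40, 2)                 # first byte packs two arcs
    arcs, acc = [first, b[0] - 40 * first], 0
    for byte in b[1:]:
        acc = (acc << 7) | (byte & 0x7F)       # base-128, high bit = continue
        if not byte & 0x80:
            arcs, acc = arcs + [acc], 0
    return ".".join(map(str, arcs))

def name_string_types(name_der):
    """Return [(attribute OID, string type)] for a DER-encoded Name."""
    tag, rdns = children(name_der)[0]
    if tag != 0x30:
        raise ValueError("Name must be a SEQUENCE")
    out = []
    for _, rdn in children(rdns):              # RelativeDistinguishedName (SET)
        for _, atv in children(rdn):           # AttributeTypeAndValue
            (_, oid), (vtag, _) = children(atv)[:2]
            out.append((decode_oid(oid), TAGS.get(vtag, hex(vtag))))
    return out

def discouraged(name_der):  # attributes not encoded as Printable/UTF8String
    return [(o, t) for o, t in name_string_types(name_der) if t in DISCOURAGED]

def tlv(tag, value):  # sample-building helper, short-form lengths (<128) only
    return bytes([tag, len(value)]) + value

def sample_name(cn_tag):  # constructed Name: C=NO, CN=Example CA
    cn = tlv(0x30, tlv(0x06, b"\x55\x04\x03") + tlv(cn_tag, b"Example CA"))
    c = tlv(0x30, tlv(0x06, b"\x55\x04\x06") + tlv(0x13, b"NO"))
    return tlv(0x30, tlv(0x31, c) + tlv(0x31, cn))
```

Feed `discouraged()` the subject or issuer Name bytes extracted from a certificate or CSR; an empty list means every attribute it saw used an acceptable string type.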
