In message <[EMAIL PROTECTED]> on Wed, 14 Jan 2004 14:23:46 +0100, Olaf Gellert <[EMAIL PROTECTED]> said:
og> I just came across some significant change between og> openssl 0.9.6 and openssl 0.9.7 (at least I compared og> openssl 0.9.6k and 0.9.7c): When I print a DN containing og> an Email-Address using OpenSSL 0.9.6, it says og> something like og> og> C=DE/O=.../OU=.../CN=www.foo.com/[EMAIL PROTECTED] og> og> Using 0.9.7, the output is: og> og> C=DE/O=.../OU=.../CN=www.foo.com/[EMAIL PROTECTED] og> og> I guess this will be a problem for all applications that og> obiously use the output of OpenSSL, for example apache og> (with the option FakeBasicAuth, which requires the Distinguished og> Names in a password-file) and obviously the GRID-software og> globus (which requires signing-policy-files for each og> CA-certificate). og> og> Is this already known (and documented somewhere)? og> Was this change made to adapt to any standards or og> were there other reasons? The change was to conform to standards. There's no attribute type called Email, and the correct name is emailAddress. We know that it means some changes for some pieces of software (hell, I know, as I developped some commercial software that depended on this back when the change went through), and I don't recall the decision process in this issue. It's obvious we found correctness worth enough to create the disturbanse. ----- Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. You don't have to be rich, a $10 donation is appreciated! -- Richard Levitte \ Tunnlandsvägen 3 \ [EMAIL PROTECTED] [EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
