On Sun, Dec 14, 2008 at 08:22:38AM -0800, Kyle Hamilton wrote:
> On Fri, Dec 12, 2008 at 2:02 PM, Victor Duchovni
> <victor.ducho...@morganstanley.com> wrote:
> > On Fri, Dec 12, 2008 at 10:46:20PM +0100, Matteo Cazzador wrote:
> >
> >> >Correctly implemented certificate parsers will display UTF8 encodings to
> >> >the user in a way that the user can understand. The code-points are
> >> >logically
> >> >the same regardless of the encoding. UTF-8 is the only non Latin encoding
> >> >supported with X.509 DirectoryNames (e.g. CN).
> >>
> >> It's clear Thank's a lot !
> >
> > One final subtle point, the software that creates the certificate has
> > to ensure that the DirectoryString is labeled as UTF8 String. And I
> > neglected to mention that you can also use Unicode.
>
> UTF8 is an integral part of Unicode, and is never used without
> Unicode. It's a means of encoding multi-byte characters into a
> standard 8-bit communication channel, in a way that includes its own
> mini-validation ruleset. The bytes 0x00 and 0xff never ever appear in
> a UTF8-encoded string.
By "Unicode", I loosely meant the fixed width multibyte alternatives to
UTF8, namely BMPString (UCS-2) and UniversalString (UCS-4)
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
