On Tue, Mar 31, 2009 at 2:18 PM, Dirk Reske <d...@devhost.de> wrote: > Yes, we know about the security issues with the extended private data. > But this is no commercial project, but a case study at our university. > > Dirk
Alright. (If any university in the US tried to do anything like this they'd be up on ethics charges at the very least, but... alright.) If you need to create your own private extensions, you need to obtain a Private Enterprise Number from the IANA -- you can get to the page to request one at http://pen.iana.org/pen/PenApplication.page . This is a fully-qualified number in the OID space, of the form 1.4.3.1.6.1.(PEN). These OIDs are required to be unique, and never reused -- and their semantics never changed once allocated. This shouldn't generally be a problem, because you can have as many subtrees off of your PEN as you might possibly want. At this moment, the webserver hosting the PEN application page doesn't seem to be working, but information on the authority for the program can be found in RFC 2578. -Kyle H ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
