[openssl-project] To use or not use the iconv API, and to use or not use other libraries

Richard Levitte levitte at openssl.org
Thu Jun 7 11:54:11 UTC 2018


This PR has been blocked, forcing a vote:


Background: we have been sloppy when producing PKCS#12 files, creating
objects that aren't interoperable.  This can only happen with non-UTF8
input methods, so this PR adds a higher level of control in the
openssl application, so that it will do the best it can to make sure a
pass phrase encoded with something other than UTF-8 gets correctly
re-encoded, and failing that, try and make the user aware that they
are about to create a non-interoperable object.  This triggered the
use of the iconv API, and in the case of Mac OS/X, the use of the
separate libiconv library.

I'm going to make this into two votes, as both topics have come out
because of this.

1. A vote about general use of other libraries, limited to standard
   system libraries, which may be platform dependent (I expect
   libiconv on Mac OS/X to be such a library)

2. A vote about the use of the iconv API

Please discuss here, no in the vote threads.


Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

More information about the openssl-project mailing list