Sorry for my english.
Please help me to clarify the using of the such ASN1 structure in
RDNSequence and in SubjectDirectoryAttributes.
Why do they have different ASN1 structure, if they play the same role but in
different contexts.

For what reason there is "SET OF"? OpenSSL always used only one SEQ in
every SET.
Why is it used?.If standart would omit, what effect this can has?
RDNSequence : := SEQUENCE OF RelativeDistinguishedName
RelativeDistinguishedName : := SET OF AttributeTypeAndValue
AttributeTypeAndValue: := SEQUENCE {
type AttributeType,
value AttributeValue}

SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF
Attribute ::= SEQUENCE {
type Attributetype,
values SET OF AttributeValue } Why "SET OF" is used exactly in this
place instead of place of previous ASN1 Structure.
By the way, does OpenSSL support of "SubjectDirectoryAttributes"
extension?If not,In what the most painless way this can be done?

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org