NEWS +5 −3 Original line number Diff line number Diff line Loading @@ -8,12 +8,14 @@ Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3: o Lots of enhancements and cleanups to the Configuration mechanism o RSA OEAP related fixes o Support for PKCS#5 v2.0 ASN1 PBES2 structures o Added `openssl ca -revoke' option for revoking a certificate o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs o Source tree cleanups: removed lots of obsolete files o Support for Thawte SXNet extensions o Full integration of PKCS#12 support o Thawte SXNet, certificate policies and CRL distribution points extension support o Preliminary (experimental) S/MIME support o Support for ASN.1 UTF8String and VisibleString o Full integration of PKCS#12 code o Sparc assembler bignum implementation, optimized hash functions Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b: Loading
crypto/x509v3/v3_conf.c +1 −1 Original line number Diff line number Diff line Loading @@ -212,7 +212,7 @@ static int v3_check_critical(char **value) static int v3_check_generic(char **value) { char *p = *value; if((strlen(p) < 4) || strncmp(p, "RAW:,", 4)) return 0; if((strlen(p) < 4) || strncmp(p, "DER:,", 4)) return 0; p+=4; while(isspace((unsigned char)*p)) p++; *value = p; Loading
doc/openssl.txt +19 −13 Original line number Diff line number Diff line Loading @@ -104,7 +104,7 @@ extensions. In this case a line with: extensions = extension_section in the nameless (default) section is used. If no such line is include then in the nameless (default) section is used. If no such line is included then it uses the default section. You can also add extensions to CRLs: a line Loading Loading @@ -141,11 +141,11 @@ reject it as invalid. Some broken software will reject certificates which have *any* critical extensions (these violates PKIX but we have to live with it). There are three main types of extension, string extensions, multi valued There are three main types of extension: string extensions, multi valued extensions, and raw extensions. String extensions simply have a string which defines the value of the or how it is obtained. String extensions simply have a string which contains either the value itself or how it is obtained. For example: Loading Loading 
@@ -182,19 +182,25 @@ email.2=steve@there This is because the configuration file code cannot handle the same name occurring twice in the same extension. Raw extensions allow arbitrary data to be placed in an extension. For example The syntax of raw extensions is governed by the extension code: it can for example contain data in multiple sections. The correct syntax to use is defined by the extension code itself: check out the certificate policies extension for an example. 1.2.3.4=critical,RAW:01:02:03:04 1.2.3.4=RAW:01020304 In addition it is also possible to use the word DER to include arbitrary data in any extension. The value following RAW is a hex dump of the extension contents. Any extension can be placed in this form to override the default behaviour. For example: 1.2.3.4=critical,DER:01:02:03:04 1.2.3.4=DER:01020304 basicConstraints=critical,RAW:00:01:02:03 The value following DER is a hex dump of the DER encoding of the extension Any extension can be placed in this form to override the default behaviour. For example: basicConstraints=critical,DER:00:01:02:03 WARNING: raw extensions should be used with caution. It is possible to create totally invalid extensions unless care is taken. WARNING: DER should be used with caution. It is possible to create totally invalid extensions unless care is taken. CURRENTLY SUPPORTED EXTENSIONS. Loading
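Review bot: The NEWS hunk (@@ -8,12 +8,14 @@) has no entry for the RAW: to DER: keyword rename that this same commit makes in crypto/x509v3/v3_conf.c and doc/openssl.txt. If RAW: was usable in any configuration file before this change, add a line saying that the prefix for arbitrary extension data is now DER:, so that people upgrading know why an existing extension section stops working. While editing this list, the entry "RSA OEAP related fixes" looks like a misspelling of OAEP.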
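Review bot: In v3_check_generic() (crypto/x509v3/v3_conf.c, @@ -212,7 +212,7 @@) the new literal "DER:," keeps a trailing comma that is never compared, because strncmp() is limited to 4 characters. Write the literal as "DER:" and derive the length from it, so that the strlen() check, the compare length and the following p+=4 cannot drift apart. The old RAW: prefix is also dropped with no fallback: a value that still starts with RAW: now makes this function return 0, so it is no longer recognised as arbitrary data. Consider accepting both prefixes for a transition period, or rejecting RAW: with an explicit error message rather than letting it fall through.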
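Review bot: In the doc/openssl.txt hunk at @@ -182,19 +182,25 @@, the example basicConstraints=critical,DER:00:01:02:03 is not a valid DER encoding of basicConstraints, which is a SEQUENCE and so must start with 0x30. Since the paragraph ends with a warning that DER can produce totally invalid extensions, the example people will copy should be a well-formed one, for instance DER:30:03:01:01:FF for CA:TRUE, or the text should say outright that the bytes shown are deliberately meaningless. Two smaller points in the same hunk: the sentence "The value following DER is a hex dump of the DER encoding of the extension" is missing its full stop before "Any extension can be placed", and the term "raw extensions" is reused with a new meaning (syntax governed by the extension code), so a sentence noting that the DER: keyword replaces the earlier RAW: form would help readers of the old text.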