Rev | Author | Line No. | Line |
---|---|---|---|
2 | daniel-mar | 1 | <div id="global_content"> |
2 | <div id="introduction"> |
||
3 | |||
4 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
5 | <tbody> |
||
6 | <tr> |
||
7 | <td><span class="page_title"><a name="oid"></a>Introduction to OIDs</span></td> |
||
13 | daniel-mar | 8 | |
9 | <td width="28%" valign="middle" align="right"> |
||
10 | <div id="menu"> |
||
11 | <ul> |
||
12 | <li> |
||
13 | <a href="doc/introduction%20to%20object%20identifiers%20(OIDs).pdf">Presentation on OIDs</a> |
||
14 | </li> |
||
15 | <li> |
||
16 | <a href="faq.htm">Frequently Asked Questions<!-- (FAQ)--></a> |
||
17 | </li> |
||
18 | </ul> |
||
19 | </div> |
||
20 | </td> |
||
21 | |||
2 | daniel-mar | 22 | </tr> |
13 | daniel-mar | 23 | <tr><td colspan="2"> |
2 | daniel-mar | 24 | <p> |
25 | The Object Identifier (OID) concept and implementation date back to |
||
26 | the mid-1980s, based on collaboration with the International Federation |
||
27 | for Information Processing (IFIP) over the previous several years. |
||
28 | </p> |
||
29 | <p> |
||
30 | OIDs provide a persistent identification of objects based on a hierarchical |
||
31 | structure of Registration Authorities (RA), where each parent has an |
||
32 | object identifier and allocates object identifiers to child nodes. It |
||
33 | provides a universal and flexible identification scheme for persistent |
||
34 | objects. It has been supported and recommended by ITU-T, ISO and IEC, |
||
35 | and has been used in many ITU-T (and ITU-R) Recommendations, and ISO |
||
36 | and IEC International Standards, since the mid-1980s, as part of |
||
37 | ASN.1 (Abstract Syntax Notation One). |
||
38 | </p> |
||
39 | <p> |
||
40 | Almost any organization, Recommendation, or Standard can obtain (if |
||
41 | it does not already have one) an OID node. OIDs are fundamental for all security |
||
42 | work in ITU, ISO and IETF, and are widely used in many standards. |
||
43 | </p> |
||
44 | </td></tr> |
||
45 | |||
46 | <tr><td> |
||
47 | <p> |
||
48 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
13 | daniel-mar | 49 | width="41" border="0" height="8"> <a href="https://www.itu.int/pub/T-HDB-LNG.4-2010"><span style="font-size:12px;"> |
50 | OID handbook |
||
51 | </span></a> |
||
52 | </p> |
||
53 | <p> |
||
54 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
55 | width="41" border="0" height="8"> <a href="faq.htm#16"><span style="font-size:12px;"> |
||
2 | daniel-mar | 56 | What |
57 | do we call a registration tree (or object identifier tree)? |
||
58 | </span></a> |
||
59 | </p> |
||
60 | <p> |
||
61 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
13 | daniel-mar | 62 | width="41" border="0" height="8"> <a href="faq.htm#18"><span style="font-size:12px;"> |
2 | daniel-mar | 63 | How |
64 | is the entire registration tree managed? |
||
65 | </span></a> |
||
66 | </p> |
||
67 | <p> |
||
13 | daniel-mar | 68 | <img src="images/fl.png" style="width: 10px; height: 8px;" width="41" border="0" height="8"> <a href="#" onclick="showdiv('Q3');"><span style="font-size:12px;"> |
2 | daniel-mar | 69 | Where |
70 | can I learn more about OIDs and registration? |
||
71 | </span></a> |
||
72 | </p> |
||
73 | </td></tr> |
||
74 | |||
75 | </tbody> |
||
76 | </table> |
||
77 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
78 | <tbody> |
||
79 | <tr> |
||
80 | <td><span class="section_title"><a name="long-arc"></a>Internationalization and the long arc concept</span></td> |
||
81 | </tr> |
||
82 | </tbody> |
||
83 | </table> |
||
84 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
85 | <tbody> |
||
86 | <tr><td> |
||
87 | <p> |
||
88 | In the early 2000s, the Object Identifier tree was renamed as |
||
89 | the International Object Identifier tree, and the names of arcs were |
||
90 | extended to allow what were called "Unicode labels" - names in any language, |
||
91 | using the <a href="http://www.unicode.org">Unicode</a> character set |
||
92 | - and were made available for computer communication alongside the original |
||
93 | numbers. |
||
94 | </p> |
||
95 | <p> |
||
96 | At the same time, the concept of "long arcs" from the root of the International |
||
97 | OID tree to a node at level 2 or below was introduced. Long arcs do |
||
98 | not have numerical values, but provide an unambiguous reference to the |
||
99 | node from the root using a Unicode label. |
||
100 | </p> |
||
101 | <p> |
||
102 | Use of a path specified purely in terms of the set of Unicode labels |
||
103 | on the (normal or long) arcs from the root to a node is called an International |
||
104 | Object Identifier for that node. |
||
105 | </p> |
||
106 | <p> |
||
107 | In order to support names of arcs in multiple languages, an arc can |
||
108 | have multiple Unicode labels, giving rise to a need to transform a path |
||
109 | using Unicode labels into a canonical form of purely numerical labels |
||
110 | to identify the node. This is handled by the OID Resolution System (described |
||
111 | below). |
||
112 | </p> |
||
113 | </td></tr> |
||
114 | |||
115 | <tr><td> |
||
116 | <img src="images/fl.png" style="width: 10px; height: 8px;" width="41" border="0" height="8"> |
||
13 | daniel-mar | 117 | <a href="faq.htm#iri"><span style="font-size:12px;"> |
2 | daniel-mar | 118 | What |
119 | is an OID-IRI (Internationalized Resource Identifier)? |
||
120 | </span></a> |
||
121 | </td></tr> |
||
122 | |||
123 | </tbody> |
||
124 | </table> |
||
125 | <br><table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
126 | <tbody> |
||
127 | <tr> |
||
128 | <td><span class="section_title"><a name="use"></a>Use of OIDs</span></td> |
||
129 | </tr> |
||
130 | <tr><td> |
||
131 | <p> |
||
132 | It is hard to summarize the uses. This OID repository gives an impression |
||
133 | of the widespread use. |
||
134 | </p> |
||
135 | <p>Known areas of use include:</p> |
||
136 | <ul> |
||
137 | <li> |
||
138 | Extensive use in security in IETF, Rec. ITU-T X.500, ISO/IEC, RSA |
||
139 | and NIST encryption algorithms, etc.; |
||
140 | </li> |
||
141 | <li> extensive use in e-health standards;</li> |
||
142 | <li> |
||
143 | extensive use for network management (Management Information Bases, |
||
144 | MIBs); |
||
145 | </li> |
||
146 | <li>use related to RFID tags;</li> |
||
147 | <li>emerging use for the Common Alerting Protocol for disaster notification;</li> |
||
148 | <li>use for cybersecurity alerts.</li> |
||
149 | </ul> |
||
150 | </td></tr> |
||
151 | <tr><td> |
||
152 | <p> |
||
153 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
13 | daniel-mar | 154 | width="41" border="0" height="8"> <a href="faq.htm#2"><span style="font-size:12px;"> |
2 | daniel-mar | 155 | Which |
156 | kind of objects can be referenced by OIDs? |
||
157 | </span></a> |
||
158 | </p> |
||
159 | <p> |
||
160 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
13 | daniel-mar | 161 | width="41" border="0" height="8"> <a href="faq.htm#10"><span style="font-size:12px;"> |
2 | daniel-mar | 162 | How |
163 | to get an OID assigned? |
||
164 | </span></a> |
||
165 | </p> |
||
166 | </td></tr> |
||
167 | </tbody> |
||
168 | </table> |
||
169 | |||
170 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
171 | <tbody> |
||
172 | <tr> |
||
173 | <td><span class="section_title"><a name="ors"></a>Introduction to the ORS (OID Resolution System)</span></td> |
||
174 | </tr> |
||
175 | </tbody> |
||
176 | </table> |
||
177 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
178 | <tbody> |
||
179 | <tr><td> |
||
180 | <p> |
||
181 | Given that there are multiple ways of identifying an International |
||
182 | Object Identifier tree node by a set of Unicode labels defining the |
||
183 | path from the root to that node, there was a requirement to be able |
||
184 | to transform that by an efficient on-line look-up into a canonical form |
||
185 | consisting of the all-numeric identification of arcs of the path (canonicalization). |
||
186 | </p> |
||
187 | <p> |
||
188 | There was also a requirement for the management of a node to be able |
||
189 | to store (and applications to retrieve) information associated with |
||
190 | a node in a flexible way (node information retrieval). This was first |
||
191 | identified in terms of RFID applications (What is the content of this |
||
192 | jar of jam? Who is the owner of this piece of hold baggage? etc.) but |
||
193 | now extends more widely. |
||
194 | </p> |
||
195 | <p> |
||
196 | There was a requirement for both of these look-up activities to be |
||
197 | fully supported by authentication of the returned result with a trust |
||
198 | anchor. |
||
199 | </p> |
||
200 | <p> |
||
201 | The OID Resolution System (ORS) was developed from 2004 onwards, and |
||
202 | allows an application to obtain (online) application-specific information |
||
203 | related to any node identified by an OID. |
||
204 | </p> |
||
205 | <p> |
||
206 | The ORS enables any one of the OID nodes to be mapped into DNS name |
||
207 | zone files, and information about it can be obtained by a DNS look-up |
||
208 | for further application processing. The system was initially designed |
||
209 | to support RFID tag activity, but also has applications in many other |
||
210 | application areas. |
||
211 | </p> |
||
212 | </td></tr> |
||
213 | <tr><td> |
||
214 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
215 | width="41" border="0" height="8"> More |
||
216 | information in the |
||
217 | <a href="http://www.itu.int/pub/T-HDB-LNG.4-2010">OID |
||
218 | handbook</a> (part 6) |
||
219 | </td></tr> |
||
220 | </tbody> |
||
221 | </table> |
||
222 | <br><table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
223 | <tbody> |
||
224 | <tr> |
||
225 | <td><span class="section_title"><a name="features"></a>Features of the ORS (OID Resolution System)</span></td> |
||
226 | </tr> |
||
227 | <tr><td> |
||
228 | <ul> |
||
229 | <li> |
||
230 | <em>Support for the International Object Identifier tree naming scheme</em>: |
||
231 | Uses Unicode, so all languages can be included in the identification |
||
232 | of an object.<br><br></li> |
||
233 | <li> |
||
234 | <em>Relation to DNS</em>: International OIDs map to DNS names of the |
||
235 | form <code>zz.yy.xx.oid-res.org</code>. Look-ups are based on DNS zone-file |
||
236 | information, obtained via DNS port 53 (designed for the return of |
||
237 | application-specific information).<br><br></li> |
||
238 | <li> |
||
239 | <em>Security</em>: DNS servers supporting the mapping from the International |
||
240 | OID tree are required to support the DNSSEC protocol of the IETF, |
||
241 | and will return information authenticated using an ITU-T X.500 certificate |
||
242 | chain and a trust anchor.<br><br></li> |
||
243 | <li> |
||
244 | <em>Hierarchical structure</em>: Any Registration Authority |
||
245 | that has been allocated a node in the International OID tree can make |
||
246 | allocations to children (entirely within its own responsibility), |
||
247 | and can provide (if requested) a pointer from its DNS zone files to |
||
248 | a server maintained by its child for its own DNS zone files. This |
||
249 | is entirely a matter between the parent and child, and is not constrained.<br><br></li> |
||
250 | <li> |
||
251 | <em>Absence of restrictions</em>: The International OID tree has potentially |
||
252 | infinitely many children from each node, and an infinite depth of |
||
253 | the tree. There is also no length restriction on the names used to |
||
254 | identify arcs (or on the characters used, within Unicode).<br><br></li> |
||
255 | <li> |
||
256 | <em>Application data</em>: The ORS can resolve an OID into its canonical |
||
257 | form, and can return authenticated URLs for access to any application |
||
258 | information recorded in the zone files for that OID. |
||
259 | </li> |
||
260 | </ul> |
||
261 | </td></tr> |
||
262 | </tbody> |
||
263 | </table> |
||
264 | </div> |
||
265 | <div class="clear"></div> |
||
266 | </div> |
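
The "Relation to DNS" and "Absence of restrictions" items in the ORS feature list above, as an added example (not code from the page or from the ORS project): it builds the `oid-res.org` name for a numeric OID and rejects input that is not canonical or that DNS cannot carry. It assumes that `zz.yy.xx` on the page stands for the OID's numeric arcs in reverse order; the function names and the sample OID are chosen for illustration, and no DNS query or DNSSEC validation is performed.

```python
import re

ORS_SUFFIX = "oid-res.org"  # suffix shown on the page
MAX_LABEL = 63              # DNS limit on one label
MAX_NAME = 253              # DNS limit on a full name in text form

# ASCII digits only, no leading zeros: str.isdigit() and int() would also
# accept non-ASCII digits, which a canonical numeric arc must not contain.
ARC = re.compile(r"(?:0|[1-9][0-9]*)\Z")


def canonical_arcs(dotted):
    """Validate a dotted numeric OID and return its arcs as strings."""
    arcs = dotted.split(".")
    for arc in arcs:
        if not ARC.match(arc):
            raise ValueError(f"not a canonical numeric arc: {arc!r}")
    if arcs[0] not in ("0", "1", "2"):
        raise ValueError("top-level arc must be 0, 1 or 2")
    # Under 0 and 1 the second arc is limited to 0..39 (ASN.1 OID rule).
    if len(arcs) > 1 and arcs[0] != "2" and (len(arcs[1]) > 2 or int(arcs[1]) > 39):
        raise ValueError("second arc under 0 or 1 must be 0..39")
    return arcs


def ors_name(dotted):
    """Map a numeric OID to its ORS DNS name (assumed: arcs reversed)."""
    arcs = canonical_arcs(dotted)
    # The OID tree sets no size limits, but DNS does; check before any query.
    if len(max(arcs, key=len)) > MAX_LABEL:
        raise ValueError("arc does not fit in one DNS label")
    name = ".".join(reversed(arcs)) + "." + ORS_SUFFIX
    if len(name) > MAX_NAME:
        raise ValueError("OID too deep for a DNS name")
    return name


def is_mappable(dotted):
    """True when the OID yields a valid ORS name, False when rejected."""
    try:
        ors_name(dotted)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample input: the SHA-256 algorithm OID.
    print(ors_name("2.16.840.1.101.3.4.2.1"))
```

Rejecting non-canonical spellings before the look-up keeps two different strings from resolving to the same node, which matters when the resolved name is later compared or used as a cache key.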