Go to most recent revision | Details | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
2 | daniel-mar | 1 | <div id="global_content"> |
2 | <div id="introduction"> |
||
3 | |||
4 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
5 | <tbody> |
||
6 | <tr> |
||
7 | <td><span class="page_title"><a name="oid"></a>Introduction to OIDs</span></td> |
||
8 | </tr> |
||
9 | <tr><td> |
||
10 | <p> |
||
11 | The Object Identifier (OID) concept and implementation dates back to |
||
12 | the mid-1980s, based on collaboration with the International Federation |
||
13 | for Information Processing (IFIP) over the previous several years. |
||
14 | </p> |
||
15 | <p> |
||
16 | OIDs provide a persistent identification of objects based on a hierarchical |
||
17 | structure of Registration Authorities (RA), where each parent has an |
||
18 | object identifier and allocates object identifiers to child nodes. It |
||
19 | provides a universal and flexible identification scheme for persistent |
||
20 | objects. It has been supported and recommended by ITU-T, ISO and IEC, |
||
21 | and has been used in many ITU-T (and ITU-R) Recommendations, and ISO |
||
22 | and IEC International Standards, since the middle 1980s, as part of |
||
23 | the ASN.1 (Abstract Syntax Notation One). |
||
24 | </p> |
||
25 | <p> |
||
26 | Almost any organization, Recommendation, or Standard can obtain (if |
||
27 | it not already has) an OID node. OIDs are fundamental for all security |
||
28 | work in ITU, ISO and IETF, and are widely used in many standards. |
||
29 | </p> |
||
30 | </td></tr> |
||
31 | |||
32 | <tr><td> |
||
33 | <p> |
||
34 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
35 | width="41" border="0" height="8"> <a href="faq.htm#16"><span style="font-size:11px;"> |
||
36 | What |
||
37 | do we call a registration tree (or object identifier tree)? |
||
38 | </span></a> |
||
39 | </p> |
||
40 | <p> |
||
41 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
42 | width="41" border="0" height="8"> <a href="faq.htm#18"><span style="font-size:11px;"> |
||
43 | How |
||
44 | is the entire registration tree managed? |
||
45 | </span></a> |
||
46 | </p> |
||
47 | <p> |
||
48 | <img src="images/fl.png" style="width: 10px; height: 8px;" width="41" border="0" height="8"> <a href="#" onclick="showdiv('Q3');"><span style="font-size:11px;"> |
||
49 | Where |
||
50 | can I learn more about OIDs and registration? |
||
51 | </span></a> |
||
52 | </p> |
||
53 | </td></tr> |
||
54 | |||
55 | </tbody> |
||
56 | </table> |
||
57 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
58 | <tbody> |
||
59 | <tr> |
||
60 | <span class="section_title"><a name="long-arc"></a>Internationalization and the long arc concept</span> |
||
61 | </tr> |
||
62 | </tbody> |
||
63 | </table> |
||
64 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
65 | <tbody> |
||
66 | <tr><td> |
||
67 | <p> |
||
68 | In the early years of 2000, the Object Identifier tree was renamed as |
||
69 | the International Object Identifier tree, and the names of arcs were |
||
70 | extended to allow what were called "Unicode labels" - names in any language, |
||
71 | using the <a href="http://www.unicode.org">Unicode</a> character set |
||
72 | - and were made available for computer communication alongside the original |
||
73 | numbers. |
||
74 | </p> |
||
75 | <p> |
||
76 | At the same time, the concept of "long arcs" from the root of the International |
||
77 | OID tree to a node at level 2 or below was introduced. Long arcs do |
||
78 | not have numerical values, but provide an unambiguous reference to the |
||
79 | node from the root using a Unicode label. |
||
80 | </p> |
||
81 | <p> |
||
82 | Use of a path specified purely in terms of the set of Unicode labels |
||
83 | on the (normal or long) arcs from the root to a node is called an International |
||
84 | Object Identifier for that node. |
||
85 | </p> |
||
86 | <p> |
||
87 | In order to support names of arcs in multiple languages, an arc can |
||
88 | have multiple Unicode labels, giving rise to a need to transform a path |
||
89 | using Unicode labels into a canonical form of purely numerical labels |
||
90 | to identify the node. This is handled by the OID Resolution System (described |
||
91 | below). |
||
92 | </p> |
||
93 | </td></tr> |
||
94 | |||
95 | <tr><td> |
||
96 | <img src="images/fl.png" style="width: 10px; height: 8px;" width="41" border="0" height="8"> |
||
97 | <a href="faq.htm#iri"><span style="font-size:11px;"> |
||
98 | What |
||
99 | is an OID-IRI (Internationalized Resource Identifier)? |
||
100 | </span></a> |
||
101 | </td></tr> |
||
102 | |||
103 | </tbody> |
||
104 | </table> |
||
105 | <br><table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
106 | <tbody> |
||
107 | <tr> |
||
108 | <td><span class="section_title"><a name="use"></a>Use of OIDs</span></td> |
||
109 | </tr> |
||
110 | <tr><td> |
||
111 | <p> |
||
112 | It is hard to summarize the uses. This OID repository gives an impression |
||
113 | of the wide-spread use. |
||
114 | </p> |
||
115 | <p>Known areas of use include:</p> |
||
116 | <ul> |
||
117 | <li> |
||
118 | Extensive use in security in IETF, Rec. ITU-T X.500, ISO/IEC, RSA |
||
119 | and NIST encryption algorithms, etc.; |
||
120 | </li> |
||
121 | <li> extensive use in e-health standards;</li> |
||
122 | <li> |
||
123 | extensive use for network management (Management Information Bases, |
||
124 | MIBS); |
||
125 | </li> |
||
126 | <li>use related to RFID tags;</li> |
||
127 | <li>emerging use for the Common Alerting Protocol for disaster notification:</li> |
||
128 | <li>use forcybersecurity alerts. </li> |
||
129 | </ul> |
||
130 | </td></tr> |
||
131 | <tr><td> |
||
132 | <p> |
||
133 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
134 | width="41" border="0" height="8"> <a href="faq.htm#2"><span style="font-size:11px;"> |
||
135 | Which |
||
136 | kind of objects can be referenced by OIDs? |
||
137 | </span></a> |
||
138 | </p> |
||
139 | <p> |
||
140 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
141 | width="41" border="0" height="8"> <a href="faq.htm#10"><span style="font-size:11px;"> |
||
142 | How |
||
143 | to get an OID assigned? |
||
144 | </span></a> |
||
145 | </p> |
||
146 | </td></tr> |
||
147 | </tbody> |
||
148 | </table> |
||
149 | |||
150 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
151 | <tbody> |
||
152 | <tr> |
||
153 | <td><span class="section_title"><a name="ors"></a>Introduction to the ORS (OID Resolution System)</span></td> |
||
154 | </tr> |
||
155 | </tbody> |
||
156 | </table> |
||
157 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
158 | <tbody> |
||
159 | <tr><td> |
||
160 | <p> |
||
161 | Given that there are multiple ways of identifying an International |
||
162 | Object Identifier tree node by a set of Unicode labels defining the |
||
163 | path from the root to that node, there was a requirement to be able |
||
164 | to transform that by an efficient on-line look-up into a canonical form |
||
165 | consisting of the all-numeric identification of arcs of the path (canonicalization). |
||
166 | </p> |
||
167 | <p> |
||
168 | There was also a requirement for the management of a node to be able |
||
169 | to store (and applications to retrieve) information associated with |
||
170 | a node in a flexible way (node information retrieval). This was first |
||
171 | identified in terms of RFID applications (What is the content of this |
||
172 | jar of jam? Who is the owner of this piece of hold baggage? etc.) but |
||
173 | now extends more widely. |
||
174 | </p> |
||
175 | <p> |
||
176 | There was a requirement for both of these look-up activities to be |
||
177 | fully supported by authentication of the returned result with a trust |
||
178 | anchor. |
||
179 | </p> |
||
180 | <p> |
||
181 | The OID Resolution System (ORS) was developed from 2004 onwards, and |
||
182 | allows an application to obtain (online) application-specific information |
||
183 | related to any node identified by an OID. |
||
184 | </p> |
||
185 | <p> |
||
186 | The ORS enables any one of the OID nodes to be mapped into DNS name |
||
187 | zone files, and information about it can be obtained by a DNS look-up |
||
188 | for further application processing. The system was initially designed |
||
189 | to support RFID tag activity, but also has applications in many other |
||
190 | application areas. |
||
191 | </p> |
||
192 | </td></tr> |
||
193 | <tr><td> |
||
194 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
195 | width="41" border="0" height="8"> More |
||
196 | information in the |
||
197 | <a href="http://www.itu.int/pub/T-HDB-LNG.4-2010">OID |
||
198 | handbook</a> (part 6) |
||
199 | </td></tr> |
||
200 | </tbody> |
||
201 | </table> |
||
202 | <br><table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
203 | <tbody> |
||
204 | <tr> |
||
205 | <td><span class="section_title"><a name="features"></a>Features of the ORS (OID Resolution System)</span></td> |
||
206 | </tr> |
||
207 | <tr><td> |
||
208 | <ul> |
||
209 | <li> |
||
210 | <em>Support for the International Object Identifier tree naming scheme</em>: |
||
211 | Uses Unicode, so all languages can be included in the identification |
||
212 | of an object.<br><br></li> |
||
213 | <li> |
||
214 | <em>Relation to DNS</em>: International OIDs map to DNS names of the |
||
215 | form <code>zz.yy.xx.oid-res.org</code>. Look-ups are based on DNS zone-file |
||
216 | information, obtained via DNS port 53 (designed for the return of |
||
217 | application-specific information).<br><br></li> |
||
218 | <li> |
||
219 | <em>Security</em>: DNS servers supporting the mapping from the International |
||
220 | OID tree are required to support the DNSSEC protocol of the IETF, |
||
221 | and will return information authenticated using an ITU-T X.500 certificate |
||
222 | chain and a trust anchor.<br><br></li> |
||
223 | <li> |
||
224 | <em>Hierarchical structure</em><strong>:</strong>Any Registration Authority |
||
225 | that has been allocated a node in the International OID tree can make |
||
226 | allocations to children (entirely within its own responsibility), |
||
227 | and can provide (if requested) a pointer from its DNS zone files to |
||
228 | a server maintained by its child for its own DNS zone files. This |
||
229 | is entirely a matter between the parent and child, and is not constrained.<br><br></li> |
||
230 | <li> |
||
231 | <em>Absence of restrictions</em>: The International OID tree has potentially |
||
232 | infinitely many children from each node, and an infinite depth of |
||
233 | the tree. There is also no length restriction on the names used to |
||
234 | identify arcs (or on the characters used, within Unicode).<br><br></li> |
||
235 | <li> |
||
236 | <em>Application data</em>: The ORS can resolve an OID into its canonical |
||
237 | form, and can return authenticated URLs for access to any application |
||
238 | information recorded in the zone files for that OID. |
||
239 | </li> |
||
240 | </ul> |
||
241 | </td></tr> |
||
242 | </tbody> |
||
243 | </table> |
||
244 | </div> |
||
245 | <div class="clear"></div> |
||
246 | </div> |