Go to most recent revision | Details | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 2 | daniel-mar | 1 | <div id="global_content"> |
| 2 | <div id="introduction"> |
||
| 3 | |||
| 4 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
| 5 | <tbody> |
||
| 6 | <tr> |
||
| 7 | <td><span class="page_title"><a name="oid"></a>Introduction to OIDs</span></td> |
||
| 8 | </tr> |
||
| 9 | <tr><td> |
||
| 10 | <p> |
||
| 11 | The Object Identifier (OID) concept and implementation dates back to |
||
| 12 | the mid-1980s, based on collaboration with the International Federation |
||
| 13 | for Information Processing (IFIP) over the previous several years. |
||
| 14 | </p> |
||
| 15 | <p> |
||
| 16 | OIDs provide a persistent identification of objects based on a hierarchical |
||
| 17 | structure of Registration Authorities (RA), where each parent has an |
||
| 18 | object identifier and allocates object identifiers to child nodes. It |
||
| 19 | provides a universal and flexible identification scheme for persistent |
||
| 20 | objects. It has been supported and recommended by ITU-T, ISO and IEC, |
||
| 21 | and has been used in many ITU-T (and ITU-R) Recommendations, and ISO |
||
| 22 | and IEC International Standards, since the middle 1980s, as part of |
||
| 23 | the ASN.1 (Abstract Syntax Notation One). |
||
| 24 | </p> |
||
| 25 | <p> |
||
| 26 | Almost any organization, Recommendation, or Standard can obtain (if |
||
| 27 | it not already has) an OID node. OIDs are fundamental for all security |
||
| 28 | work in ITU, ISO and IETF, and are widely used in many standards. |
||
| 29 | </p> |
||
| 30 | </td></tr> |
||
| 31 | |||
| 32 | <tr><td> |
||
| 33 | <p> |
||
| 34 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
| 35 | width="41" border="0" height="8"> <a href="faq.htm#16"><span style="font-size:11px;"> |
||
| 36 | What |
||
| 37 | do we call a registration tree (or object identifier tree)? |
||
| 38 | </span></a> |
||
| 39 | </p> |
||
| 40 | <p> |
||
| 41 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
| 42 | width="41" border="0" height="8"> <a href="faq.htm#18"><span style="font-size:11px;"> |
||
| 43 | How |
||
| 44 | is the entire registration tree managed? |
||
| 45 | </span></a> |
||
| 46 | </p> |
||
| 47 | <p> |
||
| 48 | <img src="images/fl.png" style="width: 10px; height: 8px;" width="41" border="0" height="8"> <a href="#" onclick="showdiv('Q3');"><span style="font-size:11px;"> |
||
| 49 | Where |
||
| 50 | can I learn more about OIDs and registration? |
||
| 51 | </span></a> |
||
| 52 | </p> |
||
| 53 | </td></tr> |
||
| 54 | |||
| 55 | </tbody> |
||
| 56 | </table> |
||
| 57 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
| 58 | <tbody> |
||
| 59 | <tr> |
||
| 60 | <span class="section_title"><a name="long-arc"></a>Internationalization and the long arc concept</span> |
||
| 61 | </tr> |
||
| 62 | </tbody> |
||
| 63 | </table> |
||
| 64 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
| 65 | <tbody> |
||
| 66 | <tr><td> |
||
| 67 | <p> |
||
| 68 | In the early years of 2000, the Object Identifier tree was renamed as |
||
| 69 | the International Object Identifier tree, and the names of arcs were |
||
| 70 | extended to allow what were called "Unicode labels" - names in any language, |
||
| 71 | using the <a href="http://www.unicode.org">Unicode</a> character set |
||
| 72 | - and were made available for computer communication alongside the original |
||
| 73 | numbers. |
||
| 74 | </p> |
||
| 75 | <p> |
||
| 76 | At the same time, the concept of "long arcs" from the root of the International |
||
| 77 | OID tree to a node at level 2 or below was introduced. Long arcs do |
||
| 78 | not have numerical values, but provide an unambiguous reference to the |
||
| 79 | node from the root using a Unicode label. |
||
| 80 | </p> |
||
| 81 | <p> |
||
| 82 | Use of a path specified purely in terms of the set of Unicode labels |
||
| 83 | on the (normal or long) arcs from the root to a node is called an International |
||
| 84 | Object Identifier for that node. |
||
| 85 | </p> |
||
| 86 | <p> |
||
| 87 | In order to support names of arcs in multiple languages, an arc can |
||
| 88 | have multiple Unicode labels, giving rise to a need to transform a path |
||
| 89 | using Unicode labels into a canonical form of purely numerical labels |
||
| 90 | to identify the node. This is handled by the OID Resolution System (described |
||
| 91 | below). |
||
| 92 | </p> |
||
| 93 | </td></tr> |
||
| 94 | |||
| 95 | <tr><td> |
||
| 96 | <img src="images/fl.png" style="width: 10px; height: 8px;" width="41" border="0" height="8"> |
||
| 97 | <a href="faq.htm#iri"><span style="font-size:11px;"> |
||
| 98 | What |
||
| 99 | is an OID-IRI (Internationalized Resource Identifier)? |
||
| 100 | </span></a> |
||
| 101 | </td></tr> |
||
| 102 | |||
| 103 | </tbody> |
||
| 104 | </table> |
||
| 105 | <br><table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
| 106 | <tbody> |
||
| 107 | <tr> |
||
| 108 | <td><span class="section_title"><a name="use"></a>Use of OIDs</span></td> |
||
| 109 | </tr> |
||
| 110 | <tr><td> |
||
| 111 | <p> |
||
| 112 | It is hard to summarize the uses. This OID repository gives an impression |
||
| 113 | of the wide-spread use. |
||
| 114 | </p> |
||
| 115 | <p>Known areas of use include:</p> |
||
| 116 | <ul> |
||
| 117 | <li> |
||
| 118 | Extensive use in security in IETF, Rec. ITU-T X.500, ISO/IEC, RSA |
||
| 119 | and NIST encryption algorithms, etc.; |
||
| 120 | </li> |
||
| 121 | <li> extensive use in e-health standards;</li> |
||
| 122 | <li> |
||
| 123 | extensive use for network management (Management Information Bases, |
||
| 124 | MIBS); |
||
| 125 | </li> |
||
| 126 | <li>use related to RFID tags;</li> |
||
| 127 | <li>emerging use for the Common Alerting Protocol for disaster notification:</li> |
||
| 128 | <li>use forcybersecurity alerts. </li> |
||
| 129 | </ul> |
||
| 130 | </td></tr> |
||
| 131 | <tr><td> |
||
| 132 | <p> |
||
| 133 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
| 134 | width="41" border="0" height="8"> <a href="faq.htm#2"><span style="font-size:11px;"> |
||
| 135 | Which |
||
| 136 | kind of objects can be referenced by OIDs? |
||
| 137 | </span></a> |
||
| 138 | </p> |
||
| 139 | <p> |
||
| 140 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
| 141 | width="41" border="0" height="8"> <a href="faq.htm#10"><span style="font-size:11px;"> |
||
| 142 | How |
||
| 143 | to get an OID assigned? |
||
| 144 | </span></a> |
||
| 145 | </p> |
||
| 146 | </td></tr> |
||
| 147 | </tbody> |
||
| 148 | </table> |
||
| 149 | |||
| 150 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
| 151 | <tbody> |
||
| 152 | <tr> |
||
| 153 | <td><span class="section_title"><a name="ors"></a>Introduction to the ORS (OID Resolution System)</span></td> |
||
| 154 | </tr> |
||
| 155 | </tbody> |
||
| 156 | </table> |
||
| 157 | <table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
| 158 | <tbody> |
||
| 159 | <tr><td> |
||
| 160 | <p> |
||
| 161 | Given that there are multiple ways of identifying an International |
||
| 162 | Object Identifier tree node by a set of Unicode labels defining the |
||
| 163 | path from the root to that node, there was a requirement to be able |
||
| 164 | to transform that by an efficient on-line look-up into a canonical form |
||
| 165 | consisting of the all-numeric identification of arcs of the path (canonicalization). |
||
| 166 | </p> |
||
| 167 | <p> |
||
| 168 | There was also a requirement for the management of a node to be able |
||
| 169 | to store (and applications to retrieve) information associated with |
||
| 170 | a node in a flexible way (node information retrieval). This was first |
||
| 171 | identified in terms of RFID applications (What is the content of this |
||
| 172 | jar of jam? Who is the owner of this piece of hold baggage? etc.) but |
||
| 173 | now extends more widely. |
||
| 174 | </p> |
||
| 175 | <p> |
||
| 176 | There was a requirement for both of these look-up activities to be |
||
| 177 | fully supported by authentication of the returned result with a trust |
||
| 178 | anchor. |
||
| 179 | </p> |
||
| 180 | <p> |
||
| 181 | The OID Resolution System (ORS) was developed from 2004 onwards, and |
||
| 182 | allows an application to obtain (online) application-specific information |
||
| 183 | related to any node identified by an OID. |
||
| 184 | </p> |
||
| 185 | <p> |
||
| 186 | The ORS enables any one of the OID nodes to be mapped into DNS name |
||
| 187 | zone files, and information about it can be obtained by a DNS look-up |
||
| 188 | for further application processing. The system was initially designed |
||
| 189 | to support RFID tag activity, but also has applications in many other |
||
| 190 | application areas. |
||
| 191 | </p> |
||
| 192 | </td></tr> |
||
| 193 | <tr><td> |
||
| 194 | <img src="images/fl.png" style="width: 10px; height: 8px;" |
||
| 195 | width="41" border="0" height="8"> More |
||
| 196 | information in the |
||
| 197 | <a href="http://www.itu.int/pub/T-HDB-LNG.4-2010">OID |
||
| 198 | handbook</a> (part 6) |
||
| 199 | </td></tr> |
||
| 200 | </tbody> |
||
| 201 | </table> |
||
| 202 | <br><table width="100%" border="0" cellpadding="0" cellspacing="0"> |
||
| 203 | <tbody> |
||
| 204 | <tr> |
||
| 205 | <td><span class="section_title"><a name="features"></a>Features of the ORS (OID Resolution System)</span></td> |
||
| 206 | </tr> |
||
| 207 | <tr><td> |
||
| 208 | <ul> |
||
| 209 | <li> |
||
| 210 | <em>Support for the International Object Identifier tree naming scheme</em>: |
||
| 211 | Uses Unicode, so all languages can be included in the identification |
||
| 212 | of an object.<br><br></li> |
||
| 213 | <li> |
||
| 214 | <em>Relation to DNS</em>: International OIDs map to DNS names of the |
||
| 215 | form <code>zz.yy.xx.oid-res.org</code>. Look-ups are based on DNS zone-file |
||
| 216 | information, obtained via DNS port 53 (designed for the return of |
||
| 217 | application-specific information).<br><br></li> |
||
| 218 | <li> |
||
| 219 | <em>Security</em>: DNS servers supporting the mapping from the International |
||
| 220 | OID tree are required to support the DNSSEC protocol of the IETF, |
||
| 221 | and will return information authenticated using an ITU-T X.500 certificate |
||
| 222 | chain and a trust anchor.<br><br></li> |
||
| 223 | <li> |
||
| 224 | <em>Hierarchical structure</em><strong>:</strong>Any Registration Authority |
||
| 225 | that has been allocated a node in the International OID tree can make |
||
| 226 | allocations to children (entirely within its own responsibility), |
||
| 227 | and can provide (if requested) a pointer from its DNS zone files to |
||
| 228 | a server maintained by its child for its own DNS zone files. This |
||
| 229 | is entirely a matter between the parent and child, and is not constrained.<br><br></li> |
||
| 230 | <li> |
||
| 231 | <em>Absence of restrictions</em>: The International OID tree has potentially |
||
| 232 | infinitely many children from each node, and an infinite depth of |
||
| 233 | the tree. There is also no length restriction on the names used to |
||
| 234 | identify arcs (or on the characters used, within Unicode).<br><br></li> |
||
| 235 | <li> |
||
| 236 | <em>Application data</em>: The ORS can resolve an OID into its canonical |
||
| 237 | form, and can return authenticated URLs for access to any application |
||
| 238 | information recorded in the zone files for that OID. |
||
| 239 | </li> |
||
| 240 | </ul> |
||
| 241 | </td></tr> |
||
| 242 | </tbody> |
||
| 243 | </table> |
||
| 244 | </div> |
||
| 245 | <div class="clear"></div> |
||
| 246 | </div> |