2
|
- Information Objects
An information object is a well-defined piece of information that
requires a name in order to identify its use in an instance of
communication.
- An Object Identifier
- A value (distinguishable from all others) which is associated with an
object.
- Can identify anything (algorithm, business, file format, organization,
policy, product, role, service, standard, address, schema, document
version, device)
- Infinite series of integers - { 1 2 3 4 }
- Globally unique
- Called OIDs - ISO/IEC 9834-1:1992 | X.660
- ISO/IEC 8824-1:1998 | X.680
- Many standards require the assignment of object identifiers.
- X9.57, X9.42, and X9.73
- Most of the recent X9 security standards
- Object identifiers will facilitate the implementation of most standards
involving cryptography and/or electronic transactions
- Industry, consumers, trade, governments, distributors.
- organizations and individuals engaged in Electronic Commerce that use
standardized transactions
|
3
|
- Define a standard methodology for assigning and registering object
identifiers in an automated manner that
- Provides a working registration schema
DomainCertificate { iso identified-organization tc68(133) country(16)
x9(840) x9Standards(9) x9-68(68) modules(0) domainCertificate(1) }
- Does not require any allocations to be made
- Allows automatic allocation for standards
- Can be modified or ignored by any member
- Allows member arc to be used for other purposes
- Identifies country with ISO 3166 code
- Single location to enter and obtain object registration information that
provides easy access and searches
- Reduce redundancy
- Ensure uniqueness
- Obtain identifiers easily and quickly
- Facilitate dissemination of identifiers
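The registration schema value shown above, worked through as an added example that is not part of the original slides: the parser converts the ASN.1 value notation into its numeric arcs and the DER encoding, which is the form the identifier takes inside a certificate. The function names are hypothetical, and only the well-known arc names needed for this value are included.

```python
import re

# Arc names that X.680 lets a value use without a number (subset needed here).
ROOT_ARCS = {"itu-t": 0, "iso": 1, "joint-iso-itu-t": 2}
ISO_ARCS = {"standard": 0, "member-body": 2, "identified-organization": 3}
COMPONENT = re.compile(r"(?:[a-z][A-Za-z0-9-]*\((\d+)\)|(\d+)|([a-z][A-Za-z0-9-]*))")

# The value as it appears on the slide.
PAGE_VALUE = ("DomainCertificate { iso identified-organization tc68(133) country(16) "
              "x9(840) x9Standards(9) x9-68(68) modules(0) domainCertificate(1) }")

def parse_oid_value(text):
    """Return the numeric arcs of an ASN.1 OBJECT IDENTIFIER value."""
    body = text[text.index("{") + 1:text.rindex("}")]
    body = re.sub(r"\s*\(\s*(\d+)\s*\)", r"(\1)", body)  # tolerate 'x9 (840)'
    arcs = []
    for token in body.split():
        m = COMPONENT.fullmatch(token)
        if m is None:
            raise ValueError(f"malformed component {token!r}")
        number, name = m.group(1) or m.group(2), m.group(3)
        if number is not None:
            arcs.append(int(number))
        elif not arcs and name in ROOT_ARCS:
            arcs.append(ROOT_ARCS[name])
        elif arcs == [1] and name in ISO_ARCS:
            arcs.append(ISO_ARCS[name])
        else:
            raise ValueError(f"{name!r} needs an explicit number")
    return arcs

def der_encode(arcs):
    """DER-encode the arcs: tag 0x06, short-form length, base-128 subidentifiers."""
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid first two arcs")
    content = bytearray()
    for value in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [value & 0x7F]                    # last octet: high bit clear
        value >>= 7
        while value:
            chunk.append(0x80 | (value & 0x7F))   # earlier octets: high bit set
            value >>= 7
        content += bytes(reversed(chunk))
    if len(content) > 127:
        raise ValueError("long-form length is outside this example")
    return bytes([0x06, len(content)]) + bytes(content)
```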
|
6
|
- Header
- Parent Object
- Short Name: Numeric - Includes link to Higher Level Parent
- Long Name: Numeric with Alpha descriptors – Same information as above
- Last Update: Date
- Status: Active, Inactive, Obsolete, or Suspect
- Organization Name: Contact Information
- Contact Name: Contact Information
- Mailing Address: Contact Information
- Phone Number: Contact Information
- Fax Number: Contact Information
- Email Address: Contact Information
- URL: Contact Information
- Detail
- Suffix: Numeric – 1st digit is category, 2nd digit is instance of category
- Category: Category is owner defined keyword list that is shared
- Name: Name of object (20 char or less)
- Status: Active, Inactive, Obsolete, or Suspect
- Description: Description of object
|
7
|
- Page
Page owners propagate new page owners by using page as a category. The object
definition shall then be entered on the propagated page.
- Cat
Defines an object category. Pick from the drop-down list or add a new category,
which is then added to the drop-down list. The drop-down list is shared with
all object definitions.
Typical user-defined categories are shown below (this will be expanded with use).
- Algorithm
- Attribute
- Business Identifier
- Certificate Extension
- Certificate Policy
- Certificate Policy Element
- Module
- Organization
- Standard
|
8
|
- Active (Default)
Owner is actively maintaining the information related to object identified by
the OID. This is the Default status.
- Inactive (Set by Owner or RA)
Owner is no longer maintaining the information related to Object identified by
the OID.
- Obsolete (Set by Owner)
Object identified by the OID is obsolete.
- Suspect (Set or removed by RA)
Owner has been notified that information related to the Object identified by
the OID is faulty and the fault has not been resolved. Upon resolution the
status reverts to the status before the dispute.
|
9
|
- Pages
Propagated pages inherit all properties of the parent page. If a page is deleted,
all of its definitions become part of the parent page.
- All pages are password protected with the intent to use certificates in
the future.
- Withdrawal
Object identifiers shall not be reissued, reused, or withdrawn after they have
been made available to the public. Object identifiers shall be designated as
obsolete.
- Uniqueness
No OID may identify more than one object.
More than one OID may identify the same object.
- Maintenance
Object owners are required to keep object page current, including
all child pages.
- Publication
The list of registered OIDs will be freely available from a
Website that facilitates browsing and searching.
|
10
|
- Owners may establish sub-authorities to register objects within their
organizations.
- Owner shall ensure that no duplicate OIDs are created within their own
OID.
- Ownership may be transferred with appropriate identification of the
parties making the change.
|
14
|
- Registration
- Organization applies to RA
- RA establishes root OID
- OID owner maintains OID information via a Web interface.
- Error Correction
- Person noting error contacts owner
- Owner corrects errors
- If owner fails to correct error in a timely manner
- Person noting error notifies RA
- RA acknowledges receipt of error notification and formally notifies
Owner of the alleged error and reminds the owner that discrepancies
are to be resolved in 10 business days.
- RA changes status of affected OIDs to Suspect
- Owner resolves discrepancies and notifies RA of resolution
- Upon verifying that the dispute has been resolved, the RA resets the
status of the affected OIDs to the status prior to the dispute.
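The status and error-correction rules from these slides, modelled as an added example that is not part of the original presentation: a registry that refuses to rebind or remove a published OID, lets only the RA set or clear Suspect, and restores the pre-dispute status on resolution. The class, method and actor names are hypothetical, and allowing the owner to set Active again is an assumption the slides do not state.

```python
ACTIVE, INACTIVE, OBSOLETE, SUSPECT = "Active", "Inactive", "Obsolete", "Suspect"
RA = "RA"  # hypothetical actor name for the Registration Authority

class OidRegistry:
    def __init__(self):
        self._entries = {}  # dotted OID -> {"owner", "object", "status", "prior"}

    def register(self, oid, obj, owner):
        # Uniqueness and no reissue: once present, an OID is never rebound,
        # not even after it has been marked Obsolete.
        if oid in self._entries:
            raise ValueError(f"{oid} already identifies {self._entries[oid]['object']!r}")
        self._entries[oid] = {"owner": owner, "object": obj,
                              "status": ACTIVE, "prior": None}

    def status(self, oid):
        return self._entries[oid]["status"]

    def set_status(self, oid, new, actor):
        e = self._entries[oid]
        if SUSPECT in (new, e["status"]):
            raise PermissionError("Suspect is set and removed only by the RA")
        # Inactive: owner or RA. Obsolete: owner. Active by owner is an assumption.
        allowed = {ACTIVE: {e["owner"]}, INACTIVE: {e["owner"], RA},
                   OBSOLETE: {e["owner"]}}[new]
        if actor not in allowed:
            raise PermissionError(f"{actor} may not set {new}")
        e["status"] = new

    def mark_suspect(self, oid, actor):
        e = self._entries[oid]
        if actor != RA:
            raise PermissionError("only the RA sets Suspect")
        if e["status"] != SUSPECT:  # keep the original prior status on repeats
            e["prior"], e["status"] = e["status"], SUSPECT

    def resolve(self, oid, actor):
        e = self._entries[oid]
        if actor != RA or e["status"] != SUSPECT:
            raise PermissionError("only the RA clears an existing Suspect status")
        e["status"], e["prior"] = e["prior"], None  # revert to pre-dispute status

    def withdraw(self, oid, actor):
        # Published OIDs are never removed; the owner marks them Obsolete instead.
        self.set_status(oid, OBSOLETE, actor)
```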
|
15
|
- Features
- Owners create and update
- Owners create new categories
- Categories shared by all owners
- Parent Page
- Links to Registration Authority
- Defines children pages
- Does not have to have children pages
- Child Page
- Links to Parent
- Created by use of Page Category in Parent
- May define children pages
- Based upon Internet Technology
- Easy access
- Easy updating
- Easy registration
- Easy expansion
|