1
Object Identification and Registration
  • William E Lyons
    USA
2
Introduction
  • Information Objects
    An information object is a well-defined piece of information that requires a name in order to identify its use in an instance of communication.


  • An Object Identifier
    • A value (distinguishable from all others) which is associated with an object.
    • Can identify anything (algorithm, business, file format, organization, policy, product, role, service, standard, address, schema, document version, device)
    • Infinite series of integers - {  1  2  3  4  }
    • Globally unique
    • Called OIDs  -  ISO/IEC 9834-1:1992 | X.660; ISO/IEC 8824-1:1998 | X.680
  • Many standards require the assignment of object identifiers.
    • X9.57, X9.42, and X9.73
    • Most of the recent X9 security standards


  • Object identifiers will facilitate the implementation of most standards involving cryptography and/or electronic transactions
    • Industry, consumers, trade, governments, distributors.
    • Organizations and individuals engaged in Electronic Commerce that use standardized transactions
3
Purpose
  • Define a standard methodology for assigning and registering object identifiers in an automated manner that
    • Provides a working registration schema
      DomainCertificate { iso  identified-organization  tc68(133) country(16)  x9(840)  x9Standards(9)  x9-68(68) modules(0)  domainCertificate(1) }
    • Does not require any allocations to be made
    • Allows automatic allocation for standards
    • Can be modified or ignored by any member
    • Allows member arc to be used for other purposes
    • Identifies country with ISO 3166 code


  • Single location to enter and obtain object registration information that provides easy access and searches
    • Reduce redundancy
    • Ensure uniqueness
    • Obtain identifiers easily and quickly
    • Facilitate dissemination of identifiers
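
The DomainCertificate value shown on this slide, resolved to its numeric arcs and DER bytes. This is an added example, not part of the original presentation; the function names are hypothetical, and the name tables cover only the standard top-level arc names.

```python
import re

# Arc names that may appear without a number: the root arcs and the arcs under iso(1).
ROOT_ARCS = {"itu-t": 0, "ccitt": 0, "iso": 1, "joint-iso-itu-t": 2, "joint-iso-ccitt": 2}
ISO_ARCS = {"standard": 0, "member-body": 2, "identified-organization": 3}
TOKEN = re.compile(r"^(?:(?P<name>[A-Za-z][\w-]*)(?:\((?P<num>\d+)\))?|(?P<bare>\d+))$")

def parse_oid_value(text):
    """Turn '{ iso identified-organization tc68(133) ... }' into a list of integer arcs."""
    body = text[text.index("{") + 1 : text.rindex("}")]
    arcs = []
    for pos, tok in enumerate(body.split()):
        m = TOKEN.match(tok)
        if not m:
            raise ValueError(f"bad arc component: {tok!r}")
        if m["bare"] is not None:
            arcs.append(int(m["bare"]))
        elif m["num"] is not None:
            arcs.append(int(m["num"]))        # name(number): the number is what counts
        elif pos == 0 and m["name"] in ROOT_ARCS:
            arcs.append(ROOT_ARCS[m["name"]])
        elif pos == 1 and arcs == [1] and m["name"] in ISO_ARCS:
            arcs.append(ISO_ARCS[m["name"]])
        else:
            raise ValueError(f"arc name without a number: {tok!r}")
    return arcs

def der_encode(arcs):
    """DER encoding (tag 0x06) of an OID; short-form length only."""
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid first two arcs")
    out = bytearray()
    for value in [arcs[0] * 40 + arcs[1]] + arcs[2:]:
        chunk = [value & 0x7F]                # last byte has the high bit clear
        value >>= 7
        while value:
            chunk.append((value & 0x7F) | 0x80)
            value >>= 7
        out += bytes(reversed(chunk))
    if len(out) > 127:
        raise ValueError("long-form length is outside this example")
    return bytes([0x06, len(out)]) + bytes(out)

# The value from the slide above.
SLIDE_VALUE = ("DomainCertificate { iso identified-organization tc68(133) country(16) "
               "x9(840) x9Standards(9) x9-68(68) modules(0) domainCertificate(1) }")

if __name__ == "__main__":
    arcs = parse_oid_value(SLIDE_VALUE)
    print(".".join(map(str, arcs)), der_encode(arcs).hex())
```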


4
Facilitate Use of Objects
5
Identification Relationships
6
Structure
  • Header
    • Parent Object
      • ID
      • Description
    • Short Name: Numeric - Includes link to Higher Level Parent
    • Long Name: Numeric with Alpha descriptors – Same information as above
    • Last Update Date
    • Status: Active, Inactive, Obsolete, or Suspect
    • Organization Name: Contact Information
    • Contact Name: Contact Information
    • Mailing Address: Contact Information
    • Phone Number: Contact Information
    • Fax Number: Contact Information
    • Email Address: Contact Information
    • URL: Contact Information
  • Detail
    • Suffix: Numeric – 1st digit is category, 2nd digit is instance of category
    • Category: Category is owner defined keyword list that is shared
    • Name: Name of object (20 char or less)
    • Status: Active, Inactive, Obsolete, or Suspect
    • Description: Description of object


7
Categories
  • Page
    Page owners propagate new page owners by using page as a category.  The object definition shall then be entered on the propagated page.


  • Cat
    Defines an object category.  Pick from drop down list or add new category which is added to drop down list.  Drop list is shared with all object definitions.  Typical user defined categories are shown below (this will be expanded with use).
    • Algorithm
    • Attribute
    • Business Identifier
    • Certificate Extension
    • Certificate Policy
    • Certificate Policy Element
    • Module
    • Organization
    • Standard

8
Status
  • Active (Default)
    Owner is actively maintaining the information related to object identified by the OID.  This is the Default status.


  • Inactive (Set by Owner or RA)
    Owner is no longer maintaining the information related to Object identified by the OID.


  • Obsolete (Set by Owner)
    Object identified by the OID is obsolete.


  • Suspect (Set or removed by RA)
    Owner has been notified that information related to the Object identified by the OID is faulty and the fault has not been resolved.  Upon resolution the status reverts to the status before the dispute.




9
Other
  • Pages
    Propagated pages inherit all properties of the parent page.  If a page is deleted, all of its definitions become part of the parent page.
  • All pages are password protected with the intent to use certificates in the future.


  • Withdrawal
    Object identifiers shall not be reissued, reused, or withdrawn after they have been made available to the public.  Object identifiers shall instead be designated as obsolete.


  • Uniqueness
    No OID may identify more than one object. 
    More than one OID may identify the same object.


  • Maintenance
    Object owners are required to keep object page current, including all child pages.


  • Publication
    The list of registered OIDs will be freely available from a Website that facilitates browsing and searching.



10
Ownership
  • Owners may establish sub-authorities to register objects within their organizations.


  • Owner shall ensure that no duplicate OIDs are created within their own OID.


  • Ownership may be transferred with appropriate identification of the parties making the change.


11
Parent Page
12
Child Page with category field in object definition
13
Child Page without category fields in object definition
14
Registration Process
  • Registration
    • Organization applies to RA
    • RA establishes root OID
    • OID owner maintains OID information via a Web interface.


  • Error Correction
    • Person noting error contacts owner
    • Owner corrects errors
    • If owner fails to correct error in a timely manner
      • person noting error notifies RA
      • RA acknowledges receipt of error notification and formally notifies Owner of the alleged error and reminds the owner that discrepancies are to be resolved in 10 business days.
      • RA changes status of affected OIDs to Suspect
      • Owner resolves discrepancies and notifies RA of resolution
      • Upon verifying that the dispute has been resolved, the RA resets the status of the affected OIDs to the status prior to the dispute.
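
The rules from the Status, Other and Error Correction slides, written as a small registry model. This is an added example, not code from the presentation or from the registration site it describes; the class, method and actor names ("owner", "ra") are hypothetical, the 2.999 OIDs in the demo are constructed, and returning an entry to Active by hand is not modelled because the slides do not say who may do it.

```python
from enum import Enum

class Status(Enum):
    ACTIVE = "Active"
    INACTIVE = "Inactive"
    OBSOLETE = "Obsolete"
    SUSPECT = "Suspect"

# Who may set each status, per the Status slide (Suspect is handled separately).
MAY_SET = {Status.INACTIVE: {"owner", "ra"}, Status.OBSOLETE: {"owner"}}

class Registry:
    def __init__(self):
        self._entries = {}  # dotted OID -> [object name, status, status before dispute]

    def register(self, oid, obj):
        # Never reissued or reused: an existing entry blocks the OID for good,
        # even when obsolete. There is deliberately no delete method.
        if oid in self._entries:
            raise ValueError(f"{oid} is already assigned")
        self._entries[oid] = [obj, Status.ACTIVE, None]

    def status(self, oid):
        return self._entries[oid][1]

    def oids_for(self, obj):
        # More than one OID may identify the same object.
        return sorted(o for o, e in self._entries.items() if e[0] == obj)

    def set_status(self, oid, new, actor):
        entry = self._entries[oid]
        if entry[1] is Status.SUSPECT:
            raise PermissionError("entry is in dispute; only the RA can clear Suspect")
        if actor not in MAY_SET.get(new, set()):
            raise PermissionError(f"{actor} may not set {new.value}")
        entry[1] = new

    def mark_suspect(self, oid, actor):
        if actor != "ra":
            raise PermissionError("only the RA sets Suspect")
        entry = self._entries[oid]
        if entry[1] is not Status.SUSPECT:    # keep the original pre-dispute status
            entry[2], entry[1] = entry[1], Status.SUSPECT

    def resolve(self, oid, actor):
        if actor != "ra":
            raise PermissionError("only the RA removes Suspect")
        entry = self._entries[oid]
        if entry[1] is Status.SUSPECT:        # revert to the status before the dispute
            entry[1], entry[2] = entry[2], None
```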

15
Summary
  • Features
    • Owners create and update
    • Owners create new categories
    • Categories shared by all owners


  • Parent Page
    • Links to Registration Authority
    • Defines children pages
    • Does not have to have children pages


  • Child Page
    • Links to Parent
    • Created by use of Page Category in Parent
    • May define children pages


  • Based upon Internet Technology
    • Easy access
    • Easy updating
    • Easy registration
    • Easy expansion


16
References