1、 Reference number ISO/IEC 29168-1:2011(E) ISO/IEC 2011INTERNATIONAL STANDARD ISO/IEC 29168-1 Information technology Open systems interconnection Part 1: Object identifier resolution system Technologies de linformation Interconnexion de systmes ouverts (OSI) Partie 1: Systme de rsolution didentificat
2、eur dobjet ISO/IEC 29168-1:2011(E) COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2011 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in w
3、riting from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2011 All rights reservedISO
4、/IEC 29168-1:2011(E) ISO/IEC 2011 All rights reserved iiiCONTENTS Page 1 Scope 1 2 Normative references . 1 2.1 Identical Recommendations | International Standards 1 2.2 Additional references 1 3 Definitions 2 3.1 Imported definitions 2 3.2 Additional de finitions 2 4 Abbreviations and acronyms 3 5
5、OID resolution system architecture 4 5.1 OID resolution process 4 5.2 Interactions between components in the general OID resolution process . 4 6 DNS zone files for the .oid-res.org domain 5 6.1 Overview . 5 6.2 Requirements and restrictions on DNS zone files in the .oid-res.org domain . 6 6.3 Use o
6、f DNS resource records for ORS services 6 6.4 Security considerations . 7 7 Operation of an ORS client 7 7.1 Functional interfaces . 7 7.2 Processing a query . 7 7.3 Converting an OID-IRI value to an FQDN . 7 7.4 Processing DNS results . 8 7.5 Security considerations . 8 8 Requirements on ORS servic
7、e specifications . 8 8.1 Specification of NAPTR information 8 8.2 Recommendations for ORS application processing 8 Annex A Assigned ORS service types 9 Annex B Specification of the OID canonicalization (COID) ORS service 10 Annex C Specification of the child information (CINF) ORS service . 11 C.1 G
8、eneral 11 C.2 CINF XML file . 11 Annex D Specification of the registration information (RINF) ORS service . 13 D.1 General 13 D.2 RINF XML file . 13 Annex E Specification of the module information (MINF) ORS service . 15 Annex F Description of use cases . 16 F.1 OID canonicalization (COID) ORS servi
9、ce 16 F.2 Child information (CINF) ORS service 16 F.3 Registration information (RINF) ORS service 16 F.4 Module information (MINF) ORS service 16 Annex G Examples of ORS operation 17 G.1 Example of DNS zone files for the ORS . 17 G.2 Examples of NAPTR resource records . 17 Annex H History of object
10、identifiers (OIDs) 18 Annex I Bibliography . 19 ISO/IEC 29168-1:2011(E) iv ISO/IEC 2011 All rights reservedForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bod
11、ies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other
12、international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules g
13、iven in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approva
14、l by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 29168-1 was prepared by Joi
15、nt Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 6, Telecommunications and information exchange between systems in collaboration with ITU-T. The identical text is published as Rec. ITU-T X.672 (08/2010). ISO/IEC 29168 consists of the following parts, under the general ti
16、tle Information technology Open systems interconnection: Part 1: Object identifier resolution system Part 2: Procedures for the object identifier resolution system operational agency ISO/IEC 29168-1:2011(E) ISO/IEC 2011 All rights reserved vIntroduction This Recommendation | International Standard s
17、pecifies the object identifier resolution system. This provides the return (using an ORS client) of information associated with an OID node. It uses a mapping of the International Object Identifier tree naming scheme (using OID-IRI values) onto the DNS naming scheme (see 7.3). This Recommendation |
18、International Standard specifies requirements on the management of DNS zone files that are mapped from ORS-supported OID nodes to provide (standardized) information related to an International Object Identifier tree node for a variety of applications, and on the behaviour of an ORS client that inter
19、acts with the DNS system to obtain that information and provide it to an application. Six requirements emerged in the mid/late-2000s: an application to be able to translate any OID-IRI value into a canonical OID-IRI (a unique string of numeric Unicode labels that would identify a node): the COID ORS
20、 service, supporting IRI comparison of names in the IETF “oid“ IRI scheme (see Annex B); an application to determine child information from an OID node: the CINF service (see Annex C); an application to obtain registration information (such as contact information about the owner of the OID node, and
21、 how to request a child node, etc.): the RINF service (see Annex D); an application to obtain a reference to the ASN.1 module (if any) associated with a node: the MINF service (see Annex E); support for access to multimedia information (triggered by tag-based identification) using the ORS; support f
22、or access to information contained in an OID node that relates to cybersecurity features. There are probably other applications that will require further information (specified by an application standard) contained in an ORS-supported OID node and accessible by the ORS. To meet these needs, it was d
23、ecided to map the OID tree into a part of the DNS tree (see IETF RFC 1035), with the root of the OID tree mapped into .oid-res.org (see 7.3). The mapping is from any OID-IRI value that identifies an International OID node into a DNS name (in the .oid-res.org domain). The information about an ORS-sup
24、ported OID node is inserted into DNS zone files and can then be retrieved by any ORS client (running on any computer system with DNS access), using any of the OID-IRI identifications for that International Object Identifier tree node. The associated information is specified by those applications tha
25、t choose to use the ORS. The requirements on such applications are included in this Recommendation | International Standard. Some application specifications are included as normative annexes to this Recommendation | International Standard. Others are specified externally. All DNS zone files for the
26、.oid-res.org domain correspond to ORS-supported OID nodes, but not all DNS names algorithmically mapped from an OID-IRI will be present in the DNS. All DNS zone files in the .oid-res.org domain are required to confirm to this Recommendation | International Standard. Information for an International
27、OID tree node (for each application) is specified by the owner of that node, and determines the appropriate configuration of DNS zone files, in accordance with the specification for each ORS service (see Annex A), and would be retrieved by an application using a local ORS client implementation inter
28、acting with a local DNS client (see clause 7). The information would be included in NAPTR resource records, qualified by the ORS service type. An ORS client takes as input any OID-IRI value, together with an ORS service type. It will return node information for that OID-IRI value and ORS service typ
29、e (based on the configuration of the DNS zone files, and particularly of NAPTR resource records). Each resource record will consist of one or more pieces of information together with the requested ORS service type. The procedures for the appointment of the ORS operational agency are contained in ISO
30、/IEC 29168-2. These procedures involve only ISO/IEC for appointment and contractual purposes. They do not have any ITU-T involvement. Clause 5 provides an overview of the OID resolution system architecture and its interaction with the DNS. Clause 6 specifies the requirements and restrictions on DNS
31、zone files in the .oid-res.org domain in order to support navigation to DNS names mapped from the International OID tree (including the use of long arcs) and the provision of information needed for the ORS resolution process using any specified ORS service type. ISO/IEC 29168-1:2011(E) vi ISO/IEC 20
32、11 All rights reservedNOTE This Specification relates only to the use of DNAME DNS resource records and NAPTR resource records using a service field commencing “ORS+“. Use of other DNS resource records are not in the scope of this Recommendation | International Standard, and are neither forbidden (e
33、xcept when they would conflict with the use for the ORS) nor are they required. Clause 7 specifies the operation of an ORS client, including the mapping of an OID-IRI value into a DNS name. Clause 8 specifies the requirements on an ORS application specification, including specification of NAPTR info
34、rmation and recommendations on ORS application processing. Security considerations are discussed and specified in 5.2.3 to 5.2.6, 6.4, 7.5 and 8.2.2. Annex A (normative) specifies the assigned ORS service types at the time of publication of this Recommendation | International Standard. Annex B (norm
35、ative) specifies the COID service. Annex C (normative) specifies the requirements for the CINF service. Annex D (normative) specifies the requirements for the RINF service. Annex E (normative) specifies the requirements for the MINF service. Annex F (informative) provides a description of the use ca
36、ses for the ORS, referencing each application that has a specified ORS service type (see Annex A). Annex G (informative) provides examples of possible DNS zone files to support the ORS and additional examples of NAPTR resource records. Annex H (informative) provides a short history of the developmen
37、t of the International OID tree. Annex I (informative) provides bibliographic references. ISO/IEC 29168-1:2011 (E) Rec. ITU-T X.672 (08/2010) 1 INTERNATIONAL STANDARD RECOMMENDATION ITU-T Information technology Open systems interconnection Object identifier resolution system 1 Scope This Recommendat
38、ion | International Standard specifies the OID resolution system, including the overall architecture and a DNS-based resolution mechanism. It specifies the means for inserting any application-defined information associated with an OID node into the DNS (see clause 6) and the means of retrieval of th
39、at information using the ORS (see clause 7). It does not restrict the number of applications it can support. It specifies the required operation of an ORS client (see clause 7), including the mapping of an OID-IRI value by the ORS client into a DNS name to produce a DNS query for the specified appli
40、cation information and the processing of any returned information. The ORS has no role in the allocation or registration of OID nodes. The required behaviour of an ORS client is specified, but the interfaces to it are specified only in terms of the semantics of the interaction. A bit-level applicati
41、on program interface is platform and software dependent, and is not in the scope of this Recommendation | International Standard. It does not include a tutorial or complete specification on the management of DNS zone files (for that, see IETF RFC 1035 and IETF RFC 3403); it specifies (only) the DNS
42、resource records (see 6.3) that need to be inserted in the zone files in order to support ORS access to the information associated with an OID node. This Recommendation | International Standard specifies required DNS zone file resource records, and prohibits the use of other resource records of a si
43、milar form but with different semantics (in DNS zone files in the .oid-res.org domain) see 6.2. It does not otherwise restrict the general use of DNS zone files. 2 Normative references The following Recommendations and International Standards contain provisions which, through reference in this text,
44、 constitute provisions of this Recommendation | International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this Recommendation | International Standard are encouraged to investig
45、ate the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and ISO maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of currently valid ITU-T Recommend
46、ations. 2.1 Identical Recommendations | International Standards Recommendation ITU-T X.509 (2005) | ISO/IEC 9594-8:2005, Information technology Open Systems Interconnection The Directory: Public-key and attribute certificate frameworks. Recommendations ITU-T X.660 series | ISO/IEC 9834 multi-part st
47、andard, Information technology Open Systems Interconnection Procedures for the operation of OSI Registration Authorities. Recommendations ITU-T X.680 (2008) series | ISO/IEC 8824:2008 multi-part standard, Information technology Abstract Syntax Notation One (ASN.1). Recommendation ITU-T X.693 (2008)
48、| ISO/IEC 8825-4:2008, Information technology ASN.1 encoding rules: XML Encoding Rules (XER). 2.2 Additional references IETF RFC 1034 (1987), Domain names Concepts and facilities. IETF RFC 1035 (1987), Domain names Implementation and specification. IETF RFC 3403 (2002), Dynamic Delegation Discovery
49、System (DDDS) Part Three: The Domain Name System (DNS) Database. ISO/IEC 29168-1:2011 (E) 2 Rec. ITU-T X.672 (08/2010) IETF RFC 3454 (2002), Preparation of Internationalized Strings (“stringprep“). IETF RFC 3490 (2003), Internationalizing Domain Names in Applications (IDNA). IETF RFC 3492 (2003), Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA). IETF RFC 4033 (2005), DNS Security Introduction and Requirements. IETF RFC
