1、 International Telecommunication Union ITU-T X.672TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (08/2010) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY OSI networking and system aspects Naming, Addressing and Registration Information technology Open systems interconnection Objec
2、t identifier resolution system Recommendation ITU-T X.672 ITU-T X-SERIES RECOMMENDATIONS DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY PUBLIC DATA NETWORKS Services and facilities X.1X.19 Interfaces X.20X.49 Transmission, signalling and switching X.50X.89 Network aspects X.90X.149 Maintenan
3、ce X.150X.179 Administrative arrangements X.180X.199 OPEN SYSTEMS INTERCONNECTION Model and notation X.200X.209 Service definitions X.210X.219 Connection-mode protocol specifications X.220X.229 Connectionless-mode protocol specifications X.230X.239 PICS proformas X.240X.259 Protocol Identification X
4、.260X.269 Security Protocols X.270X.279 Layer Managed Objects X.280X.289 Conformance testing X.290X.299 INTERWORKING BETWEEN NETWORKS General X.300X.349 Satellite data transmission systems X.350X.369 IP-based networks X.370X.379 MESSAGE HANDLING SYSTEMS X.400X.499 DIRECTORY X.500X.599 OSI NETWORKING
5、 AND SYSTEM ASPECTS Networking X.600X.629 Efficiency X.630X.639 Quality of service X.640X.649 Naming, Addressing and Registration X.650X.679Abstract Syntax Notation One (ASN.1) X.680X.699 OSI MANAGEMENT Systems management framework and architecture X.700X.709 Management communication service and pro
6、tocol X.710X.719 Structure of management information X.720X.729 Management functions and ODMA functions X.730X.799 SECURITY X.800X.849 OSI APPLICATIONS Commitment, concurrency and recovery X.850X.859 Transaction processing X.860X.879 Remote operations X.880X.889 Generic applications of ASN.1 X.890X.
7、899 OPEN DISTRIBUTED PROCESSING X.900X.999 INFORMATION AND NETWORK SECURITY X.1000X.1099 SECURE APPLICATIONS AND SERVICES X.1100X.1199 CYBERSPACE SECURITY X.1200X.1299 SECURE APPLICATIONS AND SERVICES X.1300X.1399 CYBERSECURITY INFORMATION EXCHANGE X.1500X.1598 For further details, please refer to t
8、he list of ITU-T Recommendations. Rec. ITU-T X.672 (08/2010) i INTERNATIONAL STANDARD ISO/IEC 29168-1 RECOMMENDATION ITU-T X.672 Information technology Open systems interconnection Object identifier resolution system Summary This Recommendation | International Standard specifies the object identifie
9、r (OID) resolution system (ORS). This enables (arbitrary) information to be associated with any ORS-supported OID node (of the international object identifier tree defined in Rec. ITU-T X.660 | ISO/IEC 9834-1). This associated information is identified by an application specification that may have a
10、 requirement for instances of that application (running on any computer system) to obtain the associated information by an ORS search, using an ASN.1 OID-IRI value to identify the node. Currently defined application information for a node includes the canonical form of an international object identi
11、fier, child node information, registration information about the owner of the node, a reference to an ASN.1 module identified by the node, information supporting tag-based applications, and information supporting cybersecurity. History Edition Recommendation Approval Study Group 1.0 ITU-T X.672 2010
12、-08-29 17 Keywords Object identifier, OID, object identifier resolution system, ORS. ii Rec. ITU-T X.672 (08/2010) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs).
13、The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Stan
14、dardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of informatio
15、n technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. C
16、ompliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words “shall“ or some othe
17、r obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implem
18、entation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process.
19、 As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the latest information and are therefore strongly ur
20、ged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2011 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T X.672 (08/2010) iii CONTENTS Page 1 Scope 1 2 Normative references . 1
21、 2.1 Identical Recommendations | International Standards 1 2.2 Additional references 1 3 Definitions 2 3.1 Imported definitions 2 3.2 Additional definitions 2 4 Abbreviations and acronyms 3 5 OID resolution system architecture 4 5.1 OID resolution process 4 5.2 Interactions between components in the
22、 general OID resolution process . 4 6 DNS zone files for the .oid-res.org domain 5 6.1 Overview . 5 6.2 Requirements and restrictions on DNS zone files in the .oid-res.org domain . 6 6.3 Use of DNS resource records for ORS services 6 6.4 Security considerations . 7 7 Operation of an ORS client 7 7.1
23、 Functional interfaces . 7 7.2 Processing a query . 7 7.3 Converting an OID-IRI value to an FQDN . 7 7.4 Processing DNS results . 8 7.5 Security considerations . 8 8 Requirements on ORS service specifications . 8 8.1 Specification of NAPTR information 8 8.2 Recommendations for ORS application proces
24、sing 8 Annex A Assigned ORS service types 9 Annex B Specification of the OID canonicalization (COID) ORS service 10 Annex C Specification of the child information (CINF) ORS service . 11 C.1 General 11 C.2 CINF XML file . 11 Annex D Specification of the registration information (RINF) ORS service .
25、13 D.1 General 13 D.2 RINF XML file . 13 Annex E Specification of the module information (MINF) ORS service . 15 Annex F Description of use cases . 16 F.1 OID canonicalization (COID) ORS service 16 F.2 Child information (CINF) ORS service 16 F.3 Registration information (RINF) ORS service 16 F.4 Mod
26、ule information (MINF) ORS service 16 Annex G Examples of ORS operation 17 G.1 Example of DNS zone files for the ORS . 17 G.2 Examples of NAPTR resource records . 17 Annex H History of object identifiers (OIDs) 18 Annex I Bibliography . 19 iv Rec. ITU-T X.672 (08/2010) Introduction This Recommendati
27、on | International Standard specifies the object identifier resolution system. This provides the return (using an ORS client) of information associated with an OID node. It uses a mapping of the International Object Identifier tree naming scheme (using OID-IRI values) onto the DNS naming scheme (see
28、 7.3). This Recommendation | International Standard specifies requirements on the management of DNS zone files that are mapped from ORS-supported OID nodes to provide (standardized) information related to an International Object Identifier tree node for a variety of applications, and on the behaviou
29、r of an ORS client that interacts with the DNS system to obtain that information and provide it to an application. Six requirements emerged in the mid/late-2000s: an application to be able to translate any OID-IRI value into a canonical OID-IRI (a unique string of numeric Unicode labels that would i
30、dentify a node): the COID ORS service, supporting IRI comparison of names in the IETF “oid“ IRI scheme (see Annex B); an application to determine child information from an OID node: the CINF service (see Annex C); an application to obtain registration information (such as contact information about t
31、he owner of the OID node, and how to request a child node, etc.): the RINF service (see Annex D); an application to obtain a reference to the ASN.1 module (if any) associated with a node: the MINF service (see Annex E); support for access to multimedia information (triggered by tag-based identificat
32、ion) using the ORS; support for access to information contained in an OID node that relates to cybersecurity features. There are probably other applications that will require further information (specified by an application standard) contained in an ORS-supported OID node and accessible by the ORS.
33、To meet these needs, it was decided to map the OID tree into a part of the DNS tree (see IETF RFC 1035), with the root of the OID tree mapped into .oid-res.org (see 7.3). The mapping is from any OID-IRI value that identifies an International OID node into a DNS name (in the .oid-res.org domain). The
34、 information about an ORS-supported OID node is inserted into DNS zone files and can then be retrieved by any ORS client (running on any computer system with DNS access), using any of the OID-IRI identifications for that International Object Identifier tree node. The associated information is specif
35、ied by those applications that choose to use the ORS. The requirements on such applications are included in this Recommendation | International Standard. Some application specifications are included as normative annexes to this Recommendation | International Standard. Others are specified externally
36、. All DNS zone files for the .oid-res.org domain correspond to ORS-supported OID nodes, but not all DNS names algorithmically mapped from an OID-IRI will be present in the DNS. All DNS zone files in the .oid-res.org domain are required to confirm to this Recommendation | International Standard. Info
37、rmation for an International OID tree node (for each application) is specified by the owner of that node, and determines the appropriate configuration of DNS zone files, in accordance with the specification for each ORS service (see Annex A), and would be retrieved by an application using a local OR
38、S client implementation interacting with a local DNS client (see clause 7). The information would be included in NAPTR resource records, qualified by the ORS service type. An ORS client takes as input any OID-IRI value, together with an ORS service type. It will return node information for that OID-
39、IRI value and ORS service type (based on the configuration of the DNS zone files, and particularly of NAPTR resource records). Each resource record will consist of one or more pieces of information together with the requested ORS service type. The procedures for the appointment of the ORS operationa
40、l agency are contained in ISO/IEC 29168-2. These procedures involve only ISO/IEC for appointment and contractual purposes. They do not have any ITU-T involvement. Clause 5 provides an overview of the OID resolution system architecture and its interaction with the DNS. Clause 6 specifies the requirem
41、ents and restrictions on DNS zone files in the .oid-res.org domain in order to support navigation to DNS names mapped from the International OID tree (including the use of long arcs) and the provision of information needed for the ORS resolution process using any specified ORS service type. Rec. ITU
42、-T X.672 (08/2010) v NOTE This Specification relates only to the use of DNAME DNS resource records and NAPTR resource records using a service field commencing “ORS+“. Use of other DNS resource records are not in the scope of this Recommendation | International Standard, and are neither forbidden (ex
43、cept when they would conflict with the use for the ORS) nor are they required. Clause 7 specifies the operation of an ORS client, including the mapping of an OID-IRI value into a DNS name. Clause 8 specifies the requirements on an ORS application specification, including specification of NAPTR infor
44、mation and recommendations on ORS application processing. Security considerations are discussed and specified in 5.2.3 to 5.2.6, 6.4, 7.5 and 8.2.2. Annex A (normative) specifies the assigned ORS service types at the time of publication of this Recommendation | International Standard. Annex B (norma
45、tive) specifies the COID service. Annex C (normative) specifies the requirements for the CINF service. Annex D (normative) specifies the requirements for the RINF service. Annex E (normative) specifies the requirements for the MINF service. Annex F (informative) provides a description of the use cas
46、es for the ORS, referencing each application that has a specified ORS service type (see Annex A). Annex G (informative) provides examples of possible DNS zone files to support the ORS and additional examples of NAPTR resource records. Annex H (informative) provides a short history of the development
47、 of the International OID tree. Annex I (informative) provides bibliographic references. ISO/IEC 29168-1:2011 (E) Rec. ITU-T X.672 (08/2010) 1 INTERNATIONAL STANDARD RECOMMENDATION ITU-T Information technology Open systems interconnection Object identifier resolution system 1 Scope This Recommendati
48、on | International Standard specifies the OID resolution system, including the overall architecture and a DNS-based resolution mechanism. It specifies the means for inserting any application-defined information associated with an OID node into the DNS (see clause 6) and the means of retrieval of tha
49、t information using the ORS (see clause 7). It does not restrict the number of applications it can support. It specifies the required operation of an ORS client (see clause 7), including the mapping of an OID-IRI value by the ORS client into a DNS name to produce a DNS query for the specified application information and the processing of any returned information. The ORS has no role in the allocation or registration of OID nodes. The required behaviour of an ORS client is specified
