Information:
|
More information on UUIDs
Automatic generation of a time-based UUID for your own use (version-1 UUIDs)
Registration of your UUID as an OID
This OID arc was allocated by clause 7 of Rec. ITU-T X.667 | ISO/IEC 9834-8: "Procedures for the operation of OSI Registration Authorities - Generation and Registration of Universally Unique Identifiers (UUIDs) and their Use as ASN.1 Object Identifier Components". The registration procedures are explained in clause 16 of that standard (some excerpts follow).
-----
16.1.1: Rec. ITU-T X.667 | ISO/IEC 9834-8 defines procedures for the operation of a Registration Authority [i.e., this web page] that registers UUIDs. This registration also enables the use of those UUIDs as arcs of the OID tree under the {joint-iso-itu-t uuid(25)} arc.
NOTE: UUIDs can also be used to identify arcs under this arc uuid(25) without being registered, but the identification of such arcs is then not guaranteed to be worldwide unambiguous.
16.1.3: (TUTORIAL) It is important to note that an unregistered OID can be used under the same arc as that of a registered OID (see 16.1.1). Thus identical values for a registered OID and an unregistered OID (or for two unregistered OIDs) might be used, although the probability of this occurring is very small. The probability is increased if UUIDs are generated from MD5 hash values or pseudo-random numbers, rather than from SHA-1 hash values and cryptographic-quality random numbers. This may cause confusion for the users of the OID, and could be the trigger of malicious use such as spoofing. The Registration Authority for UUIDs is responsible for a collision between registered OIDs, but it is not responsible for a collision between a registered OID and an unregistered OID because it does not manage unregistered OIDs. If such a collision occurs, the semantics associated with the registered OID should have precedence; the semantics associated with the unregistered OID value should not be used. Thus, the registration of an OID with a UUID does not ensure that the OID has more uniqueness than its UUID's uniqueness. The objective of the registration should be seen mainly as a means of publishing the OID and its semantics.
16.2.2: The Registration Authority [i.e., this web site] shall not be liable for any failure to operate under these procedures, or for any actions related to its duties in relation to Rec. ITU-T X.667 | ISO/IEC 9834-8, except that it may be discharged of its duties by the relevant ITU-T Study Group | ISO/IEC Sub-committee, without penalty. The Registration Authority shall not be held liable for any use of an unregistered OID value that is the same as a registered OID value, as it has no control over the use of such values (see 16.1.3).
16.4: Registration procedures
This subclause specifies the procedures to be followed in the registration of UUIDs. The procedures are designed to assure openness and due process in the operation of the RA.
16.4.1: Application for registration of a UUID
16.4.1.1: An organization submits an application for registration of a UUID directly to the RA, by completing the form on its Web site. The content of the application is specified in 16.4.3.
16.4.1.2: Upon successful completion of the registration procedures, the 128-bit UUID value shall be registered as having been assigned to (or by) the submitting organization, and shall be published.
16.4.2: Confirmation process
Successful registration is confirmed by the web-site response and web-publication.
16.4.3: Content of application
16.4.3.1: This clause specifies the information required by the RA to conduct the registration process.
NOTE: At the time of publication of Rec. ITU-T X.667 | ISO/IEC 9834-8, this information can be submitted by e-mail, telephone, or hard copy or by web-site registration.
16.4.3.2: Registration includes the following information:
a) Country in which the registering organization has its main headquarters;
b) Name of organization, with country registration information if a registered company, charity, etc. or affiliation to a known international organization;
c) Name and title, postal address, e-mail address, telephone and fax number for the contact point within the registering organization;
d) Free-form information establishing the bona fides of the registering organization as a means to audit and remove spurious registrations;
e) (Optionally) a URL that can be accessed to provide more information about the use of the UUID.
16.4.3.3: The content of a general application for an OID is specified in Rec. ITU-T X.660 | ISO/IEC 9834-1, clause 8.
16.5: Maintenance of a Web-based register
16.5.1: The RA shall maintain on a Web site of its choosing a register of all registrations.
16.5.2: Information about organizations involved in a registration shall be updated by the RA free of charge if the RA is given details of changes of company name, or similar information, with appropriate authorization for the change. The mechanism for doing this shall be determined by the RA, and shall be announced on its web site.
-----
In general, UUIDs have little redundancy, and there is little scope for checking their validity. However, if a UUID is accepted for registration, then it is guaranteed to be different from all other registered UUIDs.
Note: There are 2 ways of producing a URN for a particular UUID:
- use the "urn:uuid:" prefix as explained in clause 8 of Rec. ITU-T X.667 | ISO/IEC 9834-8.
- use the "urn:oid:2.25." prefix according to IETF RFC 3061 (but this alternative is not recommended by Rec. ITU-T X.667 | ISO/IEC 9834-8).
|
|
joint-iso-itu-t(2)
![[webmaster]](/images/enveloppe.jpg){kind=small}
