[ldap-sdk-commits] SF.net SVN: ldap-sdk:[1590] trunk

[<di...@us...>]

Revision: 1590
          http://sourceforge.net/p/ldap-sdk/code/1590
Author:   dirmgr
Date:     2023-03-02 21:07:49 +0000 (Thu, 02 Mar 2023)
Log Message:
-----------
Add RFC 9371 and link to IANA PEN registry

Updated the set of LDAP-related specifications to include RFC 9371,
which describes the procedures for registering private enterprise
numbers (PENs), which may be used when defining your own object
identifiers for custom schema elements or other purposes.  The OID
registry document has also been updated to provide a link to this
RFC and to the IANA PEN registry.

Modified Paths:
--------------
    trunk/docs/ldap-oid-reference.html
    trunk/docs/release-notes.html
    trunk/docs/specs/rfcs.html
    trunk/tests/unit/src/com/unboundid/util/OIDRegistryTestCase.java

Added Paths:
-----------
    trunk/docs/specs/rfc9371.txt

Modified: trunk/docs/ldap-oid-reference.html
===================================================================
--- trunk/docs/ldap-oid-reference.html	2023-02-10 21:58:14 UTC (rev 1589)
+++ trunk/docs/ldap-oid-reference.html	2023-03-02 21:07:49 UTC (rev 1590)
@@ -10,6 +10,10 @@
                 Object identifiers are used throughout LDAP, but they are particularly common in schema elements, controls, and extended operations. This document provides a table of some of the most common OIDs used in LDAP along with a brief explanation of their purpose and (when applicable) a reference to the appropriate specification.
               </p>
 
+              <p>
+                If you need to define OIDs for your own use (for example, for defining custom attribute types or object classes), you may use the <a href="https://www.iana.org/assignments/enterprise-numbers/" target="_blank">IANA Private Enterprise Numbers (PENs) registry</a> provides an option to request an official OID base, as per <a href="${BASE}specs/rfc9371.txt" target="_blank">RFC 9371</a>.
+              </p>
+
               <table border="1" cellpadding="5" cellspacing="0">
                 <tr>
                   <th align="left">OID</th>

Modified: trunk/docs/release-notes.html
===================================================================
--- trunk/docs/release-notes.html	2023-02-10 21:58:14 UTC (rev 1589)
+++ trunk/docs/release-notes.html	2023-03-02 21:07:49 UTC (rev 1590)
@@ -67,6 +67,15 @@
                 </li>
 
                 <li>
+                  Updated the set of LDAP-related specifications to include RFC 9371, which
+                  describes the procedures for registering private enterprise numbers (PENs),
+                  which may be used when defining your own object identifiers for custom schema
+                  elements or other purposes.  The OID registry document has also been updated to
+                  provide a link to this RFC and to the IANA PEN registry.
+                  <br><br>
+                </li>
+
+                <li>
                   Updated documentation to include the latest versions of
                   draft-howard-gssapi-aead, draft-ietf-kitten-scram-2fa, draft-melnikov-scram-bis,
                   and draft-reitzenstein-kitten-opaque in the set of LDAP-related specifications.

Added: trunk/docs/specs/rfc9371.txt
===================================================================
--- trunk/docs/specs/rfc9371.txt	                        (rev 0)
+++ trunk/docs/specs/rfc9371.txt	2023-03-02 21:07:49 UTC (rev 1590)
@@ -0,0 +1,273 @@
+
+
+
+
+Internet Engineering Task Force (IETF)                          A. Baber
+Request for Comments: 9371                                          IANA
+Category: Informational                                       P. Hoffman
+ISSN: 2070-1721                                                    ICANN
+                                                              March 2023
+
+
+     Registration Procedures for Private Enterprise Numbers (PENs)
+
+Abstract
+
+   This document describes how Private Enterprise Numbers (PENs) are
+   registered by IANA.  It shows how to request a new PEN and how to
+   modify a current PEN.  It also gives a brief overview of PEN uses.
+
+Status of This Memo
+
+   This document is not an Internet Standards Track specification; it is
+   published for informational purposes.
+
+   This document is a product of the Internet Engineering Task Force
+   (IETF).  It represents the consensus of the IETF community.  It has
+   received public review and has been approved for publication by the
+   Internet Engineering Steering Group (IESG).  Not all documents
+   approved by the IESG are candidates for any level of Internet
+   Standard; see Section 2 of RFC 7841.
+
+   Information about the current status of this document, any errata,
+   and how to provide feedback on it may be obtained at
+   https://www.rfc-editor.org/info/rfc9371.
+
+Copyright Notice
+
+   Copyright (c) 2023 IETF Trust and the persons identified as the
+   document authors.  All rights reserved.
+
+   This document is subject to BCP 78 and the IETF Trust's Legal
+   Provisions Relating to IETF Documents
+   (https://trustee.ietf.org/license-info) in effect on the date of
+   publication of this document.  Please review these documents
+   carefully, as they describe your rights and restrictions with respect
+   to this document.  Code Components extracted from this document must
+   include Revised BSD License text as described in Section 4.e of the
+   Trust Legal Provisions and are provided without warranty as described
+   in the Revised BSD License.
+
+Table of Contents
+
+   1.  Introduction
+     1.1.  Uses of PENs
+   2.  PEN Assignment
+     2.1.  Requesting a PEN Assignment
+     2.2.  Modifying an Existing Record
+     2.3.  Deleting a PEN Record
+   3.  PEN Registry Specifics
+   4.  IANA Considerations
+   5.  Security Considerations
+   6.  References
+     6.1.  Normative References
+     6.2.  Informative References
+   Acknowledgements
+   Authors' Addresses
+
+1.  Introduction
+
+   Private Enterprise Numbers (PENs) are identifiers that can be used
+   anywhere that an ASN.1 object identifier (OID) [ASN1] can be used.
+   Originally, PENs were developed so that organizations that needed to
+   identify themselves in Simple Network Management Protocol (SNMP)
+   [RFC3411] Management Information Base (MIB) configurations could do
+   so easily.  PENs are also useful in any application or configuration
+   language that needs OIDs to identify organizations.
+
+   The IANA Functions Operator, referred to in this document as "IANA",
+   manages and maintains the PEN registry in consultation with the IESG.
+   PENs are issued from an OID prefix that was assigned to IANA.  That
+   OID prefix is 1.3.6.1.4.1.  Using the (now archaic) notation of
+   ownership names in the OID tree, that corresponds to:
+
+   1   3   6   1        4       1
+   iso.org.dod.internet.private.enterprise
+
+   A PEN is an OID that begins with the PEN prefix.  Thus, the OID
+   1.3.6.1.4.1.32473 is a PEN.
+
+1.1.  Uses of PENs
+
+   Once a PEN has been assigned to an organization, individual, or other
+   entity, that assignee can use the PEN by itself (possibly to
+   represent the assignee) or as the root of other OIDs associated with
+   the assignee.  For example, if an assignee is assigned the PEN
+   1.3.6.1.4.1.32473, it might use 1.3.6.1.4.1.32473.7 to identify a
+   protocol extension and use 1.3.6.1.4.1.32473.12.3 to identify a set
+   of algorithms that it supports in a protocol.
+
+   Neither IANA nor the IETF can control how an assignee uses its PEN.
+   In fact, no one can exert such control: that is the meaning of
+   "private" in "private enterprise number".  Similarly, no one can
+   prevent an assignee that is not the registered owner of a PEN from
+   using that PEN, or any PEN, however they want.
+
+   A very common use of PENs is to give unique identifiers in IETF
+   protocols.  SNMP MIB configuration files use PENs for identifying the
+   origin of values.  Protocols that use PENs as identifiers of
+   extension mechanisms include RADIUS [RFC2865], Diameter [RFC6733],
+   Syslog [RFC5424], RSVP [RFC5284], and vCard [RFC6350].
+
+2.  PEN Assignment
+
+   PENs are assigned by IANA.  The registry is located at
+   <https://www.iana.org/assignments/enterprise-numbers>, and requests
+   for new assignments or the modification of existing assignments can
+   also be submitted at that URL.
+
+   IANA maintains the PEN registry in accordance with the "First Come
+   First Served" registration policy described in [RFC8126].  Values are
+   assigned sequentially.
+
+2.1.  Requesting a PEN Assignment
+
+   Requests for assignment must provide the name of the assignee, the
+   name of a public contact who can respond to questions about the
+   assignment, and contact information that can be used to verify change
+   requests.  The contact's name and email address will be included in
+   the public registry.
+
+   A prospective assignee may request multiple PENs, but obtaining one
+   PEN and making internal sub-assignments is typically more
+   appropriate.  (Sub-assignments should not be reported to IANA.)
+
+   IANA may refuse to process abusive requests.
+
+2.2.  Modifying an Existing Record
+
+   Any of the information associated with a registered value can be
+   modified, including the name of the assignee.
+
+   Modification requests require authorization by a representative of
+   the assignee.  Authorization will be validated either with
+   information kept on file with IANA or with other identifying
+   documentation, if necessary.
+
+2.3.  Deleting a PEN Record
+
+   Although such requests are rare, registrations can be deleted.  When
+   a registration is deleted, all identifying information is removed
+   from the registry, and the value is marked as "returned."  Returned
+   values will not be made available for reassignment until all other
+   unassigned values have been exhausted; as can be seen in Section 3,
+   the unassigned values are unlikely to ever run out.
+
+3.  PEN Registry Specifics
+
+   The range for values after the PEN prefix is 0 to 2**32-1.  The
+   values 0 and 4294967295 (2**32-1) are reserved.  Note that while the
+   original PEN definition had no upper bound for the value after the
+   PEN prefix, there is now an upper bound due to some IETF protocols
+   limiting the size of that value.  For example, Diameter [RFC6733]
+   limits the value to 2**32-1.
+
+   There is a PEN number, 32473, reserved for use as an example in
+   documentation.  This reservation is described in [RFC5612].
+
+   Values in the registry that have unclear ownership are marked
+   "Reserved".  These values will not be reassigned to a new company or
+   individual without consulting the IESG.
+
+4.  IANA Considerations
+
+   Per this document, IANA has made the following changes to the PEN
+   registry:
+
+   *  Values 2187, 2188, 3513, 4164, 4565, 4600, 4913, 4999, 5099, 5144,
+      5201, 5683, 5777, 6260, 6619, 14827, 16739, 26975, and the range
+      from 11670 to 11769, which had been missing from the registry,
+      have been listed as "Reserved."  As described in [RFC8126],
+      reserved values can be released by the IESG.
+
+   *  This document has been listed in the registry's "Reference" field.
+
+   *  "First Come First Served" has been listed as its registration
+      procedure.
+
+5.  Security Considerations
+
+   Registering PENs does not introduce any significant security
+   considerations.
+
+   There is no cryptographic binding of a registrant in the PEN registry
+   and the PEN(s) assigned to them.  Thus, the entries in the PEN
+   registry cannot be used to validate the ownership of a PEN in use.
+   For example, if the PEN 1.3.6.1.4.1.32473 is seen in a protocol as
+   indicating the owner of some data, there is no way to securely
+   correlate that use with the name and assignee of the owner listed in
+   the PEN registry.
+
+6.  References
+
+6.1.  Normative References
+
+   [RFC8126]  Cotton, M., Leiba, B., and T. Narten, "Guidelines for
+              Writing an IANA Considerations Section in RFCs", BCP 26,
+              RFC 8126, DOI 10.17487/RFC8126, June 2017,
+              <https://www.rfc-editor.org/info/rfc8126>.
+
+6.2.  Informative References
+
+   [ASN1]     ITU-T, "Information technology - ASN.1 encoding rules:
+              Specification of Basic Encoding Rules (BER), Canonical
+              Encoding Rules (CER) and Distinguished Encoding Rules
+              (DER)", ITU-T Recommendation X.690, February 2021,
+              <https://www.itu.int/rec/T-REC-X.690/en>.
+
+   [RFC2865]  Rigney, C., Willens, S., Rubens, A., and W. Simpson,
+              "Remote Authentication Dial In User Service (RADIUS)",
+              RFC 2865, DOI 10.17487/RFC2865, June 2000,
+              <https://www.rfc-editor.org/info/rfc2865>.
+
+   [RFC3411]  Harrington, D., Presuhn, R., and B. Wijnen, "An
+              Architecture for Describing Simple Network Management
+              Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
+              DOI 10.17487/RFC3411, December 2002,
+              <https://www.rfc-editor.org/info/rfc3411>.
+
+   [RFC5284]  Swallow, G. and A. Farrel, "User-Defined Errors for RSVP",
+              RFC 5284, DOI 10.17487/RFC5284, August 2008,
+              <https://www.rfc-editor.org/info/rfc5284>.
+
+   [RFC5424]  Gerhards, R., "The Syslog Protocol", RFC 5424,
+              DOI 10.17487/RFC5424, March 2009,
+              <https://www.rfc-editor.org/info/rfc5424>.
+
+   [RFC5612]  Eronen, P. and D. Harrington, "Enterprise Number for
+              Documentation Use", RFC 5612, DOI 10.17487/RFC5612, August
+              2009, <https://www.rfc-editor.org/info/rfc5612>.
+
+   [RFC6350]  Perreault, S., "vCard Format Specification", RFC 6350,
+              DOI 10.17487/RFC6350, August 2011,
+              <https://www.rfc-editor.org/info/rfc6350>.
+
+   [RFC6733]  Fajardo, V., Ed., Arkko, J., Loughney, J., and G. Zorn,
+              Ed., "Diameter Base Protocol", RFC 6733,
+              DOI 10.17487/RFC6733, October 2012,
+              <https://www.rfc-editor.org/info/rfc6733>.
+
+Acknowledgements
+
+   An earlier draft version of this document was authored by Pearl Liang
+   and Alexey Melnikov.  Additional significant contributions have come
+   from Dan Romascanu, Bert Wijnen, David Conrad, Michelle Cotton, and
+   Benoit Claise.
+
+Authors' Addresses
+
+   Amanda Baber
+   Internet Assigned Numbers Authority
+   PTI/ICANN
+   12025 Waterfront Drive
+   Los Angeles,  90094
+   United States of America
+   Email: ama...@ia...
+
+
+   Paul Hoffman
+   ICANN
+   12025 Waterfront Drive
+   Los Angeles,  90094
+   United States of America
+   Email: pau...@ic...

Modified: trunk/docs/specs/rfcs.html
===================================================================
--- trunk/docs/specs/rfcs.html	2023-02-10 21:58:14 UTC (rev 1589)
+++ trunk/docs/specs/rfcs.html	2023-03-02 21:07:49 UTC (rev 1590)
@@ -794,6 +794,12 @@
     Obsoletes:  <a href="rfc5653.txt">RFC 5653</a>
     <br><br>
   </li>
+
+  <li>
+    <a href="rfc9371.txt">RFC 9371</a>:  Registration Procedures for Private Enterprise Numbers
+                                      (PENs)
+    <br><br>
+  </li>
 </ul>
 
 

Modified: trunk/tests/unit/src/com/unboundid/util/OIDRegistryTestCase.java
===================================================================
--- trunk/tests/unit/src/com/unboundid/util/OIDRegistryTestCase.java	2023-02-10 21:58:14 UTC (rev 1589)
+++ trunk/tests/unit/src/com/unboundid/util/OIDRegistryTestCase.java	2023-03-02 21:07:49 UTC (rev 1590)
@@ -320,6 +320,17 @@
            "reference to the appropriate specification.");
       w.println(baseIndent + "</p>");
       w.println();
+      w.println(baseIndent + "<p>");
+      w.println(baseIndent + "  If you need to define OIDs for your own use " +
+           "(for example, for defining custom attribute types or object " +
+           "classes), you may use the <a " +
+           "href=\"https://www.iana.org/assignments/enterprise-numbers/\" " +
+           "target=\"_blank\">IANA Private Enterprise Numbers (PENs) " +
+           "registry</a> provides an option to request an official OID base, " +
+           "as per <a href=\"${BASE}specs/rfc9371.txt\" " +
+           "target=\"_blank\">RFC 9371</a>.");
+      w.println(baseIndent + "</p>");
+      w.println();
       w.println(baseIndent + "<table border=\"1\" cellpadding=\"5\" " +
            "cellspacing=\"0\">");
       w.println(baseIndent + "  <tr>");

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.