Re: Use of private OIDs in WG (standard-track) documents

Massimiliano Pala <director@openca.org> Sat, 28 March 2015 13:47 UTC

Hi Philip,

Were those the OIDs for PKCS from RSA? Is there any other example of
this happening in the last 5/10 years? I think that allowing this as a
common practice is a bit dangerous. Is this the official position of
the IETF?

BTW, I think that once the sub-tree of the OID is assigned to the
company, that is in complete control of that company - that is why we
have the private OIDs in the first place.

If this is a practice that the IETF should discourage, should we have a
clear policy written somewhere that we can all adhere to?

I would like to know the official IETF position on this issue.

Cheers,
Max

On 3/28/15 12:42 AM, Phillip Hallam-Baker wrote:
> On Sat, Mar 28, 2015 at 12:50 AM, Massimiliano Pala <director@openca.org> wrote:
>> Hello IETF,
>>
>> Small question: is it allowed to use private OIDs (i.e., subtree of
>> 1.3.6.1.4.1.XXXX.) in WG documents that are on standard track? I am asking
>> because in the TRANS WG, that is what is happening and I do not really feel
>> comfortable adopting OIDs that are under the control of a single
>> organization. Would this be a first case?
> Once the OID is assigned, it is out of control of the assigner. So it
> is not a problem. We have used RSA labs OIDs from the start.
>
> We have in the past had many discussions on this and various solutions
> proposed. One being to set up an OID for a specific project and hand
> that over to the IETF together with the spec.
>
> But at the end of the day, renumbering code points in existing specs
> only introduces divergence and error. It is to be avoided.