Re: Problem with oid root used in RFC1274

Peter Furniss <cziwprf@pluto.ulcc.ac.uk> Thu, 10 June 1993 23:59 UTC

Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa14097; 10 Jun 93 19:59 EDT
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa14093; 10 Jun 93 19:59 EDT
Received: from haig.cs.ucl.ac.uk by CNRI.Reston.VA.US id aa29260; 10 Jun 93 19:59 EDT
Received: from bells.cs.ucl.ac.uk by haig.cs.ucl.ac.uk with local SMTP id <g.01401-0@haig.cs.ucl.ac.uk>; Fri, 11 Jun 1993 00:20:18 +0100
Via: uk.ac.nsfnet-relay; Fri, 11 Jun 1993 00:20:07 +0100
Via: uk.ac.ulcc.pluto; Fri, 11 Jun 1993 00:19:56 +0100
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Peter Furniss <cziwprf@pluto.ulcc.ac.uk>
Message-Id: <373.9306102319@pluto.ulcc.ac.uk>
Subject: Re: Problem with oid root used in RFC1274
To: osi-ds@cs.ucl.ac.uk
Date: Fri, 11 Jun 93 0:19:52 BST
In-Reply-To: <9306091832.AA09044@tag>; from "Skip Slone" at Jun 9, 93 12:32 pm
Reply-To: P.Furniss@ulcc.ac.uk
X-Mailer: ELM [version 2.3 PL11]

Skip Slone writes:
> 
> Unless I'm way off base in my understanding, OIDs are, by design, extensible.  
> Anyone who has a legitimately assigned OID has the right and authority to assign
> further OIDs using the first one as the base.  From this perspective, a 
> conformant implementation is obligated to accept a syntactically correct OID as 
> an OID whether it understands the semantics or not.

The problem is "legitimately assigned OID". It is quite correct that
an implementation should handle unrecognised attribute names, even if
it hasn't the foggiest idea who it belongs to. The problem is that the
1274 root isnt valid - ccitt(0) 9 has not been assigned. Worse (I
should have made this the main point perhaps), {0 9} might one day be
assigned (by ITU-TS) to some sub-authority or list.

The problem of an implementation bouncing the oids is probably remote
- it would be reasonable to allow for new ccitt assigned arcs (and
would be essential to allow for new joint(2) arcs). But the oids in
rfc 1274 are NOT legitimate.

Despite which, your practical solution:

> 
> For new work, people can do what makes the most sense knowing what we 
> (collectively) know now, but for existing stuff, let's not rock the boat.  It's 
> working.  It's legitimate.  Let's not "fix" it.

maybe best, if naughty.

Peter Furniss