Date: Fri, 13 Sep 2002 07:53:33 -0700
From: Terry Lambert <tlambert2@mindspring.com>
To: "Jason C. Wells" <jcwells1@highperformance.net>
Cc: FreeBSD-chat <freebsd-chat@freebsd.org>
Subject: Re: LDAP, Schema, and OIDs
Message-ID: <3D81FBED.8FBD1FFC@mindspring.com>
References: <20020912211919.B90870-100000@server2.highperformance.net>
"Jason C. Wells" wrote:
> I am just learning about LDAP. I read about warnings not to create
> fictitious OIDs and not to modify default schema files.
>
> Why are OIDs globalized?
>
> Who cares what anyone else uses for OIDs in their databases?
>
> I have no care if FreeBSD uses a certain OID for an attribute. I have no
> care if FreeBSD uses the same OID as I do for an attribute. Just like I
> don't care if jcwells1@freebsd.org also exists.
>
> In fact, I think I might prefer to not use schema that are given by
> default. (names like "o" are just stupid, I don't want to save a byte, I
> want to be able to read the data) I would prefer to not have to
> contact IANA to give me a number.
>
> These things are probably this way for a reason. What is the reason?

OIDs for LDAP are the same as OIDs for SNMP. They are globally
allocated out of an organizational OID space; you can apply for
a number assignment within this space at:

	http://www.iana.org/cgi-bin/enterprise.pl

The main reason that they are globalized is the same reason that
the DNS is globalized. They are a set of identifiers for a
hierarchical database.

There is also the possibility of two organizations executing a
merger, which results in them becoming one organization. Can
you imagine the chaos of trying to integrate two personnel
databases, if objects in those databases had the same OIDs?

In practice, you can probably grab an obsolete OID out of:

	http://www.iana.org/assignments/smi-numbers

From:

	Prefix: iso.org.dod.internet.experimental (1.3.6.1.3.)

And then add 4 random roots from 1-256, to get a top level oid
for your private use that only has a one in 2^32 chance of stomping
someone else's, e.g.:

	1.3.6.1.3.77.[1-255].[1-255].[1-255].[1-255]

Which is "stomp the rtpmib experimental OID, and add a tree four
down from the top, in the hope of avoiding collisions".

Unfortunately, there isn't a "private use area" enterprise that
has been defined under:

	1.3.6.1		internet

If you want, you could write an RFC; it would be pretty trivial
to standardize an "Assigned IP address based MIB" that would let
you have, say (X would be the assigned space):

	1.3.6.1.X.		IP address specific OIDs
	1.3.6.1.X.0.		Reserved
	1.3.6.1.X.1.		IPv4
	1.3.6.1.X.1.0.		Reserved
	1.3.6.1.X.1.1.		IPv4 address tuple follows
	1.3.6.1.X.2.		IPv6
	1.3.6.1.X.2.0.		Reserved
	1.3.6.1.X.2.1.		IPv6 address tuple follows

With, e.g.:

	1.3.6.1.X.1.1.192.168.0.1.	OID prefix for this IPv4 host

If you wanted to do this, I would support you through the IETF
process, if you needed it, or even help you coauthor the RFC, in
order to get an "X" assigned, and to get the two subelement
numbers following it into the control of IANA.

Note that this would only technically work with static IP address
assignments... maybe we could define a 1.3.6.1.X.3. that used
the 6 element MAC address tuple, instead... ;^).

I'd want a mention in the text, in any case...

-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
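
The merger scenario in the message above can be checked mechanically before two directories are combined. The following is an added example, not part of the original message or of any LDAP project: it parses OpenLDAP-style `attributetype` definitions and reports OIDs that both sides define under different names, plus OIDs taken from the experimental arc (1.3.6.1.3.). The schema contents, the attribute names other than `o`, and the enterprise number 99999 are constructed for illustration.

```python
import re

EXPERIMENTAL_ARC = "1.3.6.1.3."  # iso.org.dod.internet.experimental, as in the message

# Head of a schema definition: ( <numeric OID> NAME '<first name>' ...
DEF_RE = re.compile(r"\(\s*(\d+(?:\.\d+)+)\s+NAME\s+\(?\s*'([^']+)'")

def parse_schema(text):
    """Return {oid: first NAME} for each definition in the schema text."""
    return {oid: name for oid, name in DEF_RE.findall(text)}

def audit_merge(schema_a, schema_b):
    """Return (collisions, experimental) for two schemas about to be merged.

    collisions: OIDs both sides define under different names.
    experimental: OIDs either side took from the experimental arc
    instead of an assigned enterprise subtree.
    """
    a, b = parse_schema(schema_a), parse_schema(schema_b)
    collisions = sorted(
        (oid, a[oid], b[oid])
        for oid in a.keys() & b.keys()
        if a[oid].lower() != b[oid].lower()  # LDAP names are case-insensitive
    )
    experimental = sorted(
        oid for oid in a.keys() | b.keys() if oid.startswith(EXPERIMENTAL_ARC)
    )
    return collisions, experimental

# Constructed sample schemas; 99999 is a made-up enterprise number.
COMPANY_A = """
attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) SUP name )
attributetype ( 1.3.6.1.3.77.10.20.30.40.1 NAME 'badgeNumber'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"""
COMPANY_B = """
attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) SUP name )
attributetype ( 1.3.6.1.3.77.10.20.30.40.1 NAME 'parkingSpace'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype ( 1.3.6.1.4.1.99999.1.1 NAME 'costCenter'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"""

if __name__ == "__main__":
    collisions, experimental = audit_merge(COMPANY_A, COMPANY_B)
    for oid, name_a, name_b in collisions:
        print(f"COLLISION {oid}: '{name_a}' vs '{name_b}'")
    for oid in experimental:
        print(f"EXPERIMENTAL ARC {oid}")
```

The shared standard attribute `o` (2.5.4.10) is not reported because both sides give it the same name; only the self-assigned OID that means two different things is flagged.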