Emmanuel Lecharny <elecharny@apache.org> wrote:
> For completeness, the reason OIDs are starting with 0, 1 or 2 and
> nothing else is that the two first numbers are encoded in one byte.
> Using a higher value is not a good idea.
Not quite. Been reading _A Layman's Guide to a Subset of ASN.1, BER,
and DER_? It has some errors.
For the two first OID components X.Y, Y must be < 40 if X < 2, and
X must be <= 2. If X = 2, Y can be any nonnegative number.
That's because BER stores each OID component as an integer,
except the two first components are stored as one integer 40X+Y.
It's a space optimization which the inventors later came to regret.
Also it's preferable to keep 40X+Y and each component < 2**31, in
case your OIDs meet some implementation which stores each component
as a machine integer.
LDAP itself does not use BER format for OIDs, it sends the text
format. Except in a few places like certificates.
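As an added example (not code from the original thread), here is a small Python encoder/decoder for the content octets of a BER/DER OBJECT IDENTIFIER that shows the 40X+Y packing described above; it also covers the X = 2 case with a large Y and a truncated input, which the message only mentions in passing.

```python
# Added example: BER/DER OBJECT IDENTIFIER content octets (tag 0x06 and
# length not included). The first two components X.Y are packed into one
# integer 40*X + Y; every integer is then written in base 128, high bit set
# on all octets but the last.

def _base128(n):
    """Encode a nonnegative integer as BER base-128 octets."""
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append(0x80 | (n & 0x7F))
        n >>= 7
    return bytes(reversed(out))

def encode_oid(dotted):
    """Dotted text OID (as LDAP sends it) -> BER content octets."""
    comps = [int(c) for c in dotted.split(".")]
    if len(comps) < 2 or any(c < 0 for c in comps):
        raise ValueError("an OID needs at least two nonnegative components")
    x, y = comps[0], comps[1]
    if x > 2 or (x < 2 and y >= 40):
        raise ValueError("X must be 0, 1 or 2, and Y < 40 unless X = 2")
    body = _base128(40 * x + y)       # the space optimisation from the thread
    for c in comps[2:]:
        body += _base128(c)
    return body

def decode_oid(octets):
    """BER content octets -> dotted text OID, splitting 40X+Y back into X.Y."""
    values, acc = [], 0
    for i, b in enumerate(octets):
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            values.append(acc)
            acc = 0
        elif i == len(octets) - 1:
            raise ValueError("truncated: last octet has continuation bit set")
    if not values:
        raise ValueError("empty OID")
    first = values[0]
    if first < 40:
        x, y = 0, first
    elif first < 80:
        x, y = 1, first - 40
    else:
        x, y = 2, first - 80          # X = 2 absorbs everything >= 80, so Y may be large
    return ".".join(str(v) for v in [x, y] + values[1:])

if __name__ == "__main__":
    for oid in ("1.2.840.113549", "2.5.4.3", "2.999.1"):
        enc = encode_oid(oid)
        print(oid, enc.hex(), decode_oid(enc))
```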