OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Identifier Type

Hi All,

Drummond documented some requirements for Identifier Types on the wiki
. I'd like to add a couple thoughts to that topic.

I can't actually remember if it was in a NAC working group, or in a
collaborative working group between NAC, Open Group, and DMTF, that the
following point was made (although concensus may not have been reached).

To be fully qualified, and identifier must have at least 3 parts:

 1) some expression of authority or namespace
    - This could be hierarchical
    - This makes it possible to attain global uniqueness
    - This gives an indication of _where_ to go for resolution

 2) some expression of type
    - This gives an idication of _how_ to do resolution (some types of
identifiers may have their own inherent mechanisms for expressing
authority and non-XRI mechanisms for doing resolution - e.g., Open
Group's concept of UUID pair where one UUID represents the principal,
and the other represents the issuing authority)
    - This gives an indication how equivalence checking should be done
(numeric comparison may yield different results than string comparison
or distinguishedName comparison)
    - This gives and indication of characteristics that an identifier
might have that may be of value to an application that encounters the
identifier (e.g., if the identifier includes a check digit, or some
fancy crypto features, the application may benefit from recognizing the
presence of the features and exercising them)

 3) the naked identifier
    - Recognize that some types of identifiers include the notion of
authority or namespace, so the XRI notion of authority may not be
    - Recognize that some types of identifiers may be generated by an
algorithm that guarantees statistical uniqueness (e.g., Host Identity
Tag) instead of being issued by an authority. The XRI notion of
authority may not be needed for uniqueness; however, it might still add
value for purposes of resolution.

Imagine that an application encounters this identifier: "".
Should the application try to ping that IP, or try to resolve it as if
it's an OID, or treat it as a serial number, or what? Earlier some of us
discussed the feasibility of having different namespaces to indicate the
type of identifier; however, that just didn't seem wholesome to me -- it
seems to overload the notion of namespace. Finally Drummond suggested
that this would be better handled with metadata in the $ namespace. To
me, the $ metadata suggestion does seem wholesome. However, you have all
been working with XRI much longer than me, and it may not seem wholesome
to you (in which case I hope you can provide an even better idea).


Marty.Schleiff@boeing.com; CISSP
Associate Technical Fellow - Cyber Identity Specialist
Computing Security Infrastructure
(425) 957-5667

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]