[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Identifier Type
Hi All, Drummond documented some requirements for Identifier Types on the wiki at: http://wiki.oasis-open.org/xri/Xri2Cd02/MetaData/I1IdentifierTypeSection . I'd like to add a couple thoughts to that topic. I can't actually remember if it was in a NAC working group, or in a collaborative working group between NAC, Open Group, and DMTF, that the following point was made (although concensus may not have been reached). To be fully qualified, and identifier must have at least 3 parts: 1) some expression of authority or namespace - This could be hierarchical - This makes it possible to attain global uniqueness - This gives an indication of _where_ to go for resolution 2) some expression of type - This gives an idication of _how_ to do resolution (some types of identifiers may have their own inherent mechanisms for expressing authority and non-XRI mechanisms for doing resolution - e.g., Open Group's concept of UUID pair where one UUID represents the principal, and the other represents the issuing authority) - This gives an indication how equivalence checking should be done (numeric comparison may yield different results than string comparison or distinguishedName comparison) - This gives and indication of characteristics that an identifier might have that may be of value to an application that encounters the identifier (e.g., if the identifier includes a check digit, or some fancy crypto features, the application may benefit from recognizing the presence of the features and exercising them) 3) the naked identifier - Recognize that some types of identifiers include the notion of authority or namespace, so the XRI notion of authority may not be needed. - Recognize that some types of identifiers may be generated by an algorithm that guarantees statistical uniqueness (e.g., Host Identity Tag) instead of being issued by an authority. The XRI notion of authority may not be needed for uniqueness; however, it might still add value for purposes of resolution. Imagine that an application encounters this identifier: "1.42.174.50". Should the application try to ping that IP, or try to resolve it as if it's an OID, or treat it as a serial number, or what? Earlier some of us discussed the feasibility of having different namespaces to indicate the type of identifier; however, that just didn't seem wholesome to me -- it seems to overload the notion of namespace. Finally Drummond suggested that this would be better handled with metadata in the $ namespace. To me, the $ metadata suggestion does seem wholesome. However, you have all been working with XRI much longer than me, and it may not seem wholesome to you (in which case I hope you can provide an even better idea). Thx, Marty.Schleiff@boeing.com; CISSP Associate Technical Fellow - Cyber Identity Specialist Computing Security Infrastructure (425) 957-5667
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]