Mark Hinckley | 8 Apr 00:11 2011

Schema OID definition limits

Is there a limit defined in the LDAP RFCs anywhere for the length of the OID value for a schema definition, for example inetOrgPerson is 2.16.840.1.113730.3.2.2, whereas organization is 2.5.6.4.  Is there a maximum length defined for how long that digit string can be for custom schema?  For example, should 1.2.840.112233.1.1234.5678.12345.1234.123456.1234 be considered legal?
 
Thanks,
Mark Hinckley
 
 
_______________________________________________
Ldapext mailing list
Ldapext <at> ietf.org
https://www.ietf.org/mailman/listinfo/ldapext
Hallvard B Furuseth | 8 Apr 00:51 2011

Re: Schema OID definition limits

Mark Hinckley writes:
> Is there a limit defined in the LDAP RFCs anywhere for the length of
> the OID value for a schema definition, for example inetOrgPerson is
> 2.16.840.1.113730.3.2.2, whereas organization is 2.5.6.4.

I don't think so.  Object identifiers are defined by ASN.1, the LDAP
RFCs just refer to it.

> Is there a
> maximum length defined for how long that digit string can be for
> custom schema?  For example, should
> 1.2.840.112233.1.1234.5678.12345.1234.123456.1234 be considered legal?

That's a valid OID.  There are some limits:

1st component must be <= 2.  If 1st comp. <= 1, then 2nd component must
be < 40.  That's due to the ASN.1/BER representation of OIDs, which
represents the first two components as one number 40*<1st component> +
<2nd component>.

Finally, your OIDs might meet a quick-and-dirty implementation which
represents OID components as fixed-size machine integers.  So it may be
advisable to stick to components < 2**31, and 2nd component < 2**31/40.
Or nowadays, perhaps I should be saying 63 instead of 31 bits.  (The
final bit would be for the sign, or for a "this is the last OID
component" flag.)

-- 
Hallvard
Hallvard B Furuseth | 8 Apr 00:59 2011

Re: Schema OID definition limits

I wrote:
>Mark Hinckley writes:
>> Is there a limit defined in the LDAP RFCs anywhere for the length of
>> the OID value for a schema definition, for example inetOrgPerson is
>> 2.16.840.1.113730.3.2.2, whereas organization is 2.5.6.4.
> 
> I don't think so.  Object identifiers are defined by ASN.1, the LDAP
> RFCs just refer to it.

Whoops - poorly placed sentence.  To clarify: Nor do I know of
limitations in ASN.1:-)

> Finally, your OIDs might meet a quick-and-dirty implementation which
> represents OID components as fixed-size machine integers.  So it may be
> advisable to stick to components < 2**31, and 2nd component < 2**31/40.
> Or nowadays, perhaps I should be saying 63 instead of 31 bits.  (The
> final bit would be for the sign, or for a "this is the last OID
> component" flag.)

For the positive sign, I should have said.  For languages or code which
use signed integers.

-- 
Hallvard
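
Added example, not part of the original posts: the checks and the BER packing described in the two replies above, written out in Python. The function names are illustrative; fits_fixed_width applies the conservative bound suggested in the thread (components < 2**bits, 2nd component < 2**bits/40).

```python
# Added example: OID arc rules and BER contents encoding (names are illustrative).

def parse_oid(dotted):
    """Split a dotted-decimal OID into ints and apply the arc rules from the thread."""
    parts = dotted.split(".")
    if len(parts) < 2 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("need at least two decimal components")
    arcs = [int(p) for p in parts]  # Python ints are unbounded, so no length limit here
    if arcs[0] > 2:
        raise ValueError("1st component must be <= 2")
    if arcs[0] <= 1 and arcs[1] >= 40:
        raise ValueError("2nd component must be < 40 when 1st is 0 or 1")
    return arcs


def base128(n):
    """Encode one subidentifier: 7 bits per byte, high bit set on all but the last byte."""
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append((n & 0x7F) | 0x80)
        n >>= 7
    return bytes(reversed(out))


def ber_contents(dotted):
    """BER contents octets: the first two components share one subidentifier."""
    arcs = parse_oid(dotted)
    subids = [40 * arcs[0] + arcs[1]] + arcs[2:]
    return b"".join(base128(s) for s in subids)


def fits_fixed_width(dotted, bits=31):
    """True if the OID stays inside the bound advised for fixed-size-integer parsers."""
    arcs = parse_oid(dotted)
    limit = 2 ** bits
    return all(a < limit for a in arcs) and arcs[1] < limit // 40


if __name__ == "__main__":
    for oid in ("2.5.6.4", "2.16.840.1.113730.3.2.2",
                "1.2.840.112233.1.1234.5678.12345.1234.123456.1234"):
        print(oid, ber_contents(oid).hex(), fits_fixed_width(oid))
```
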
Michael Ströder | 9 Apr 14:01 2011

Fwd: [ldap] LDAPCon 2011 Call for Papers

Maybe some of the subscribers are interested in this.

Ciao, Michael.

-------- Original Message --------
Subject: [ldap] LDAPCon 2011 Call for Papers
Date: Fri, 08 Apr 2011 14:46:47 +0200
From: Peter Gietz <peter.gietz <at> daasi.de>
To: ldap <at> umich.edu

With the usual apologies.

The 3rd Edition of the International Conference on LDAP (LDAPCon
2011[1]) will be held on October, 10-11, 2011 in Heidelberg, Germany.
A Call For Papers[2] has been raised and the Program Committee asks you
to submit abstracts by July 8th.

The International Conference on LDAP is a technical forum for IT
professionals interested in LDAP and related topics like directory
servers, directory management applications, directory integration,
identity and access management, and meta directories.

It focuses on implementation and integration of LDAP servers and
LDAP-enabled client applications. The event will bring together vendors,
developers, active and prospective LDAP practitioners to share their
experiences about deployment strategies, service operations,
interoperability, discuss LDAP usage in new projects and learn about
upcoming trends and developments.

The 1st LDAPCon[3] was held in September 2007 in Germany, the 2nd
LDAPCon[4] was held in September 2009 in Portland, Oregon, USA
(Some pictures from LDAPCon 2007 [5] and a nice summary of LDAPCon 2009 [6])

So if you're involved with LDAP in interesting projects and you want to
share your experiences, please check the Call For Papers and submit a
proposal.

Best,

Peter

[1]: http://www.ldapcon.org
[2]: http://www.daasi.de/ldapcon2011/index.php?site=cfp
[3]: http://www.guug.de/veranstaltungen/ldapcon2007/index.html
[4]: http://www.symas.com/ldapcon2009
[5]: http://www.flickr.com/photos/ludovic_p/sets/72157601937159198/detail/
[6]: http://blogs.sun.com/Ludo/entry/ldapcon_2009_summary

-- 
_______________________________________________________________________

Peter Gietz (CEO)
DAASI International GmbH                   phone: +49 7071 407109-0
Europaplatz 3                              Fax:   +49 7071 407109-9
D-72074 Tübingen                           mail:  peter.gietz <at> daasi.de
Germany                                    Web:   www.daasi.de

DAASI International GmbH, Tübingen
Geschäftsführer Peter Gietz, Amtsgericht Stuttgart HRB 382175

Directory Applications for Advanced Security and Information Management
_______________________________________________________________________
