The Object Identifier (OID) concept and implementation dates back to the mid-1980s, based on collaboration with the International Federation for Information Processing (IFIP) over the previous several years.

OIDs provide a persistent identification of objects based on a hierarchical structure of Registration Authorities (RA), where each parent has an object identifier and allocates object identifiers to child nodes. They provide a universal and flexible identification scheme for persistent objects. They are supported and recommended by ITU-T, ISO and IEC, and are in many ITU-T (and ITU-R) Recommendations, and ISO and IEC International Standards, since the middle 1980s, as part of the ASN.1 (Abstract Syntax Notation One).

Almost any organization, Recommendation, or Standard can obtain (if it not already has) an OID node. OIDs are fundamental for all security work in ITU, ISO and IETF, and are widely used in many standards.

What do we call a registration tree (or object identifier tree)?

How is the entire registration tree managed?

Where can I learn more about OIDs and registration?

In the early years of 2000, the Object Identifier tree was renamed as the International Object Identifier tree, and the names of arcs were extended to allow what were called "Unicode labels" - names in any language, using the Unicode character set - and were made available for computer communication alongside the original numbers.

At the same time, the concept of "long arcs" from the root of the International OID tree to a node at level 2 or below was introduced. Long arcs do not have numerical values, but provide an unambiguous reference to the node from the root using a Unicode label.

Use of a path specified purely in terms of the set of Unicode labels on the (normal or long) arcs from the root to a node is called an International Object Identifier for that node.

In order to support names of arcs in multiple languages, an arc can have multiple Unicode labels, giving rise to a need to transform a path using Unicode labels into a canonical form of purely numerical labels to identify the node. This is handled by the OID Resolution System (described below).

It is hard to summarize the uses. This OID repository gives an impression of the wide-spread use.

Known areas of use include:

• extensive use in security in IETF, Rec. ITU-T X.500, ISO/IEC, RSA and NIST encryption algorithms, etc.;
• extensive use in e-health standards;
• extensive use for network management (Management Information Bases or MIBs);
• Radio-Frequency Identification (RFID) tags;
• Common Alerting Protocol (CAP) for disaster notification.

Which kind of objects can be referenced by OIDs?

How to get an OID assigned?

Given that there are multiple ways of identifying an International Object Identifier tree node by a set of Unicode labels defining the path from the root to that node, there was a requirement to be able to transform that by an efficient on-line look-up into a canonical form consisting of the all-numeric identification of arcs of the path (canonicalization).

There was also a requirement for the management of a node to be able to store (and applications to retrieve) information associated with a node in a flexible way (node information retrieval). This was first identified in terms of RFID applications (What is the content of this jar of jam? Who is the owner of this piece of hold baggage? etc.) but now extends more widely.

There was a requirement for both of these look-up activities to be fully supported by authentication of the returned result with a trust anchor.

The OID Resolution System (ORS) was developed from 2004 onwards, and allows an application to obtain (online) application-specific information related to any node identified by an OID.

The ORS enables any one of the OID nodes to be mapped into DNS name zone files, and information about it can be obtained by a DNS look-up for further application processing. The system was initially designed to support RFID tag activity, but also has applications in many other application areas.

• Support for the International Object Identifier tree naming scheme: Uses Unicode, so all languages can be included in the identification of an object.
  
  
• Relation to DNS: International OIDs map to DNS names of the form zz.yy.xx.oid-res.org. Look-ups are based on DNS zone-file information, obtained via DNS port 53 (designed for the return of application-specific information).
  
  
• Security: DNS servers supporting the mapping from the International OID tree are required to support the DNSSEC protocol of the IETF, and will return information authenticated using an ITU-T X.500 certificate chain and a trust anchor.
  
  
• Hierarchical structure: Any Registration Authority that has been allocated a node in the International OID tree can make allocations to children (entirely within its own responsibility), and can provide (if requested) a pointer from its DNS zone files to a server maintained by its child for its own DNS zone files. This is entirely a matter between the parent and child, and is not constrained.
  
  
• Absence of restrictions: The International OID tree has potentially infinitely many children from each node, and an infinite depth of the tree. There is also no length restriction on the names used to identify arcs (or on the characters used, within Unicode).
  
  
• Application data: The ORS can resolve an OID into its canonical form, and can return authenticated URLs for access to any application information recorded in the zone files for that OID.