Internet-Draft PEN registration August 2022
Baber & Hoffman Expires 16 February 2023 [Page]
Workgroup:
Network Working Group
Internet-Draft:
draft-pti-pen-registration-07
Published:
Intended Status:
Informational
Expires:
Authors:
A. Baber
IANA
P. Hoffman
ICANN

Registration Procedures for Private Enterprise Numbers (PENs)

Abstract

This document describes how Private Enterprise Numbers (PENs) are registered by IANA. It shows how to request a new PEN and how to request an update to a current PEN. It also gives a brief overview of PEN uses.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 16 February 2023.

Table of Contents

1. Introduction

Private Enterprise Numbers (PENs) are identifiers that can be used anywhere that an ASN.1 object identifier (OID) [ASN1] can be used. Originally, PENs were developed so that organizations that needed to identify themselves in Simple Network Management Protocol (SNMP) [RFC3411] Management Information Base (MIB) configurations could do so easily. PENs are also useful in any application or configuration language that needs OIDs to identify organizations.

The IANA Functions Operator, referred to in this document as "IANA", manages and maintains the PEN registry in consultation with the IESG. PENs are issued from an OID prefix that was assigned to IANA. That OID prefix is 1.3.6.1.4.1. Using the (now archaic) notation of ownership names in the OID tree, that corresponds to:

1   3   6   1        4       1
iso.org.dod.internet.private.enterprise

A PEN is an OID that begins with the PEN prefix. Thus, the OID 1.3.6.1.4.1.32473 is a PEN.

1.1. Uses of PENs

Once a PEN has been assigned to an organization, individual, or other entity, that assignee can use the PEN by itself (possibly to represent the assignee) or as the root of other OIDs associated with the assignee. For example, if an assignee is assigned the PEN 1.3.6.1.4.1.32473, it might use 1.3.6.1.4.1.32473.7 to identify a protocol extension and use 1.3.6.1.4.1.32473.12.3 to identify a set of algorithms that it supports in a protocol.

Neither IANA nor the IETF can control how an assignee uses its PEN. In fact, no one can exert such control: that is the meaning of "private" in "private enterprise number". Similarly, no one can prevent an assignee that is not the registered owner of a PEN from using that PEN, or any PEN, however they want.

A very common use of PENs is to give unique identifiers in IETF protocols. SNMP MIB configuration files use PENs for identifying the origin of values. Some protocols that use PENs as identifiers of extension mechanisms include RADIUS [RFC2865], DIAMETER [RFC3588], Syslog [RFC5424], RSVP [RFC5284], and vCard [RFC6350].

2. PEN Assignment

Private Enterprise Numbers (PENs) are assigned by IANA. Requests for new assignments or the modification of existing assignments can be submitted through the IANA web site.

IANA maintains the PEN registry in accordance with the "First Come First Served" registration policy described in [RFC8126]. Values are assigned sequentially.

2.1. Requesting a PEN Assignment

Requests for assignment must provide the name of the assignee, the name of a public contact who can respond to questions about the assignment, and contact information that can be used to verify change requests. The contact's name and email address will be included in the public registry.

A proposed assignee may request multiple PENs, but obtaining one PEN and making internal sub-assignments is typically more appropriate. (Sub-assignments should not be reported to IANA.)

IANA may refuse to process abusive requests.

2.2. Modifying an Existing Record

Any of the information associated with a registered value can be modified, including the name of the assignee.

Modification requests require authorization by a representative of the assignee. Authorization will be validated either with information kept on file with IANA or with other identifying documentation, if necessary.

2.3. Deleting a PEN Record

Although such requests are rare, registrations can be deleted. Values associated with deleted registrations will not be made available for re-assignment until all other unassigned values have been exhausted.

3. PEN Registry Specifics

The range for values after the PEN prefix is 0 to 2**32-1. The values 0 and 4294967295 (2**32-1) are reserved. Note that while the original PEN definition had no upper bound for the value after the PEN prefix, there is now an upper bound due to some IETF protocols limiting the size of that value. For example, DIAMETER [RFC3588] limits the value to 2**32-1.

There is a PEN number, 32473, reserved for use as an example in documentation. This reservation is described in [RFC5612].

Values in the registry that have unclear ownership are marked "Reserved". These values will not be reassigned to a new company or individual without consulting the IESG.

4. IANA Considerations

This entire document consists of considerations for IANA and for its customers who want to apply for, modify, or delete a PEN.

Values 2187, 2188, 3513, 4164, 4565,4600, 4913, 4999, 5099, 5144, 5201, 5683, 5777, 6260, 6619, 14827, 16739, 26975 and the range from 11670 to 11769, which had been missing from the registry, will be listed as "Reserved." As described in [RFC8126], reserved values can be released by the IESG.

5. Security Considerations

Registering PENs does not introduce any significant security considerations.

There is no cryptographic binding of a registrant in the PEN registry and the PEN(s) assigned to them. Thus, the entries in the PEN registry cannot be used to validate the ownership of a PEN in use. For example, if the PEN 1.3.6.1.4.1.32473 is seen in a protocol as indicating the owner of some data, there is no way to securely correlate that use with the name and assignee of the owner listed in the PEN registry.

6. Acknowledgements

An earlier version of this document was authored by Pearl Liang and Alexey Melnikov. Additional significant contributions have come from Dan Romascanu, Bert Wijnen, David Conrad, Michelle Cotton, and Benoit Claise.

7. Informative References

[ASN1]
ITU-T, "ITU-T X.690: Information technology - ASN.1 encoding rules", , <https://www.itu.int/itu-t/recommendations/rec.aspx?rec=x.690>.
[RFC2865]
Rigney, C., Willens, S., Rubens, A., and W. Simpson, "Remote Authentication Dial In User Service (RADIUS)", RFC 2865, DOI 10.17487/RFC2865, , <https://www.rfc-editor.org/info/rfc2865>.
[RFC3411]
Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, DOI 10.17487/RFC3411, , <https://www.rfc-editor.org/info/rfc3411>.
[RFC3588]
Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, "Diameter Base Protocol", RFC 3588, DOI 10.17487/RFC3588, , <https://www.rfc-editor.org/info/rfc3588>.
[RFC5284]
Swallow, G. and A. Farrel, "User-Defined Errors for RSVP", RFC 5284, DOI 10.17487/RFC5284, , <https://www.rfc-editor.org/info/rfc5284>.
[RFC5424]
Gerhards, R., "The Syslog Protocol", RFC 5424, DOI 10.17487/RFC5424, , <https://www.rfc-editor.org/info/rfc5424>.
[RFC5612]
Eronen, P. and D. Harrington, "Enterprise Number for Documentation Use", RFC 5612, DOI 10.17487/RFC5612, , <https://www.rfc-editor.org/info/rfc5612>.
[RFC6350]
Perreault, S., "vCard Format Specification", RFC 6350, DOI 10.17487/RFC6350, , <https://www.rfc-editor.org/info/rfc6350>.
[RFC8126]
Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, , <https://www.rfc-editor.org/info/rfc8126>.

Authors' Addresses

Amanda Baber
Internet Assigned Numbers Authority
PTI/ICANN
12025 Waterfront Drive
Los Angeles, 90094
United States of America
Paul Hoffman
ICANN
12025 Waterfront Drive
Los Angeles, 90094
United States of America