Hello, Eric 1) oids are a means to avoid conflicting extensions (or other definitions). Depending on the country and/or organization you are in, there may be also other sources for your OID than IANA.
The link of Markus Lorch points to the source of "private enterprise numbers", which are below iso.org.dod.internet.private.enterprise (1.3.6.1.4.1) Some more general information on the OID-tree you may find at http://www.alvestrand.no/objectid/top.html (schemes ok, details a bit outdated) A big bunch of OIDs is organized in a more structured way (than below 1.3.6.1.4.1) by using a countrywise scheme. This is below 2.16,x , joint-iso-itu-t(2) country(16) and (x) is the country-ID (US has 840, for example --- it's alphabetical) complete(?) list of country-ids under http://userpage.chemie.fu-berlin.de/diverse/doc/ISO_3166.html oid arc -- see: http://asn1.elibel.tm.fr/oid/root/joint-iso-itu-t/country/#top (there is also a "deprecated" tree under 1.2. for countries) in US, ANSI governs the OIDs of the 2.16.840 tree. For more information on how to register an organization name, see the report ANSI X3.216 available at: http://web.ansi.org/public/services/reg_org.html 2) get an oid, build your own subtree, get into ASN.1, define an extension. (needs some asn.1 knowledge) Then, add the oid to openssl.cnf, [ new_oids ] as my_own_extension = 2.16.840.x.x and, where extension should be added, 2.16.840.x.x=DER:SomeHexValues see openssl.txt Best regards, Michael Am 2002-10-25 19:51 Uhr schrieb "Eric Weitzman" unter <[EMAIL PROTECTED]>: > Would someone be kind enough to direct me to sources of information on: > > 1) creating new oids that don't conflict with existing oids > 2) creating new attributes in certificates that can hold arbitrary values > > Thanks, > - Eric > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- ************************************************************************ Karl-Michael Werzowa A-1190 Wien, Paradisgasse 28/4/6 +43 (664)302 4511, fax +43 (1)328 1992 14 [EMAIL PROTECTED] ************************************************************************ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]