Registration Procedures for Private Enterprise Numbers (PENs)Internet Assigned Numbers AuthorityPTI/ICANN12025 Waterfront DriveLos Angeles90094United States of Americaamanda.baber@iana.orgICANN12025 Waterfront DriveLos Angeles90094United States of Americapaul.hoffman@icann.org
This document describes how Private Enterprise Numbers (PENs) are registered by IANA. It
shows how to request a new PEN and how to modify a current PEN. It also gives
a brief overview of PEN uses.
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are candidates for any level of Internet
Standard; see Section 2 of RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Revised BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Revised BSD License.
Table of Contents
. Introduction
. Uses of PENs
. PEN Assignment
. Requesting a PEN Assignment
. Modifying an Existing Record
. Deleting a PEN Record
. PEN Registry Specifics
. IANA Considerations
. Security Considerations
. References
. Normative References
. Informative References
Acknowledgements
Authors' Addresses
Introduction
Private Enterprise Numbers (PENs) are identifiers that can be used anywhere that an ASN.1
object identifier (OID) can be used. Originally, PENs were developed
so that organizations that needed to identify themselves in Simple Network Management
Protocol (SNMP) Management Information Base (MIB) configurations
could do so easily. PENs are also useful in any application or configuration language that
needs OIDs to identify organizations.
The IANA Functions Operator, referred to in this document as "IANA",
manages and maintains the PEN registry in consultation with the IESG.
PENs are issued from an OID prefix that was assigned to IANA. That OID
prefix is 1.3.6.1.4.1. Using the (now archaic) notation of ownership names in the OID
tree, that corresponds to:
1 3 6 1 4 1
iso.org.dod.internet.private.enterprise
A PEN is an OID that begins with the PEN prefix. Thus, the OID 1.3.6.1.4.1.32473 is a
PEN.
Uses of PENs
Once a PEN has been assigned to an organization, individual, or other entity, that assignee can use the
PEN by itself (possibly to represent the assignee) or as the root of other OIDs
associated with the assignee. For example, if an assignee is assigned the PEN
1.3.6.1.4.1.32473, it might use 1.3.6.1.4.1.32473.7 to identify a protocol extension
and use 1.3.6.1.4.1.32473.12.3 to identify a set of algorithms that it supports in a
protocol.
Neither IANA nor the IETF can control how an assignee uses
its PEN. In fact, no one can exert such control: that is the meaning of "private"
in "private enterprise number". Similarly, no one can prevent an assignee that
is not the registered owner of a PEN from using that PEN, or any PEN, however they want.
A very common use of PENs is to give unique identifiers in IETF protocols. SNMP MIB
configuration files use PENs for identifying the origin of values. Protocols that use
PENs as identifiers of extension mechanisms include
RADIUS ,
Diameter ,
Syslog ,
RSVP ,
and vCard .
PEN Assignment
PENs are assigned by IANA. The registry is located at
, and requests for new assignments
or the modification of existing assignments can also be submitted at that URL.
IANA maintains the PEN registry in accordance with the "First Come First
Served" registration policy described in . Values are
assigned sequentially.
Requesting a PEN Assignment
Requests for assignment must provide the name of the assignee, the name of a
public contact who can respond to questions about the assignment, and contact
information that can be used to verify change requests. The contact's name and
email address will be included in the public registry.
A prospective assignee may request multiple PENs, but obtaining one PEN and making
internal sub-assignments is typically more appropriate. (Sub-assignments
should not be reported to IANA.)
IANA may refuse to process abusive requests.
Modifying an Existing Record
Any of the information associated
with a registered value can be modified, including the name of the assignee.
Modification requests require authorization by a representative of the
assignee. Authorization will be validated either with information kept on
file with IANA or with other identifying documentation, if necessary.
Deleting a PEN Record
Although such requests are rare, registrations can be deleted. When a
registration is deleted, all identifying information is removed from the
registry, and the value is marked as "returned." Returned values will not be
made available for reassignment until all other unassigned values have been
exhausted; as can be seen in , the unassigned values
are unlikely to ever run out.
PEN Registry Specifics
The range for values after the PEN prefix is 0 to 2**32-1. The values 0 and 4294967295
(2**32-1) are reserved. Note that while the original PEN definition had no upper bound for
the value after the PEN prefix, there is now an upper bound due to some IETF
protocols limiting the size of that value. For example, Diameter
limits the value to 2**32-1.
There is a PEN number, 32473, reserved for use as an example in documentation. This
reservation is described in .
Values in the registry that have unclear ownership are marked "Reserved". These values
will not be reassigned to a new company or individual without consulting the IESG.
IANA Considerations
Per this document, IANA has made the following changes to the PEN registry:
Values 2187, 2188, 3513, 4164, 4565, 4600, 4913, 4999, 5099, 5144, 5201,
5683, 5777, 6260, 6619, 14827, 16739, 26975, and the range from 11670 to
11769, which had been missing from the registry, have been listed as
"Reserved." As described in , reserved values can be
released by the IESG.
This document has been listed in the registry's "Reference" field.
"First Come First Served" has been listed as its registration procedure.
Security Considerations
Registering PENs does not introduce any significant security considerations.
There is no cryptographic binding of a registrant in the PEN registry and the PEN(s)
assigned to them. Thus, the entries in the PEN registry cannot be used to validate the
ownership of a PEN in use. For example, if the PEN 1.3.6.1.4.1.32473 is seen in a protocol
as indicating the owner of some data, there is no way to securely correlate that use with
the name and assignee of the owner listed in the PEN registry.
ReferencesNormative ReferencesGuidelines for Writing an IANA Considerations Section in RFCsMany protocols make use of points of extensibility that use constants to identify various protocol parameters. To ensure that the values in these fields do not have conflicting uses and to promote interoperability, their allocations are often coordinated by a central record keeper. For IETF protocols, that role is filled by the Internet Assigned Numbers Authority (IANA).To make assignments in a given registry prudently, guidance describing the conditions under which new values should be assigned, as well as when and how modifications to existing values can be made, is needed. This document defines a framework for the documentation of these guidelines by specification authors, in order to assure that the provided guidance for the IANA Considerations is clear and addresses the various issues that are likely in the operation of a registry.This is the third edition of this document; it obsoletes RFC 5226.Informative ReferencesInformation technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)ITU-TRemote Authentication Dial In User Service (RADIUS)This document describes a protocol for carrying authentication, authorization, and configuration information between a Network Access Server which desires to authenticate its links and a shared Authentication Server. [STANDARDS-TRACK]An Architecture for Describing Simple Network Management Protocol (SNMP) Management FrameworksThis document describes an architecture for describing Simple Network Management Protocol (SNMP) Management Frameworks. The architecture is designed to be modular to allow the evolution of the SNMP protocol standards over time. The major portions of the architecture are an SNMP engine containing a Message Processing Subsystem, a Security Subsystem and an Access Control Subsystem, and possibly multiple SNMP applications which provide specific functional processing of management data. This document obsoletes RFC 2571. [STANDARDS-TRACK]User-Defined Errors for RSVPThe Resource ReserVation Protocol (RSVP) defines an ERROR_SPEC object for communicating errors. That object has a defined format that permits the definition of 256 error codes. As RSVP has been developed and extended, the convention has been to be conservative in defining new error codes. Further, no provision for user-defined errors exists in RSVP.This document defines a USER_ERROR_SPEC to be used in addition to the ERROR_SPEC to carry additional user information related to errors. [STANDARDS-TRACK]The Syslog ProtocolThis document describes the syslog protocol, which is used to convey event notification messages. This protocol utilizes a layered architecture, which allows the use of any number of transport protocols for transmission of syslog messages. It also provides a message format that allows vendor-specific extensions to be provided in a structured way.This document has been written with the original design goals for traditional syslog in mind. The need for a new layered specification has arisen because standardization efforts for reliable and secure syslog extensions suffer from the lack of a Standards-Track and transport-independent RFC. Without this document, each other standard needs to define its own syslog packet format and transport mechanism, which over time will introduce subtle compatibility issues. This document tries to provide a foundation that syslog extensions can build on. This layered architecture approach also provides a solid basis that allows code to be written once for each syslog feature rather than once for each transport. [STANDARDS-TRACK]Enterprise Number for Documentation UseThis document describes an Enterprise Number (also known as SMI Network Management Private Enterprise Code) for use in documentation. This memo provides information for the Internet community.vCard Format SpecificationThis document defines the vCard data format for representing and exchanging a variety of information about individuals and other entities (e.g., formatted and structured name and delivery addresses, email address, multiple telephone numbers, photograph, logo, audio clips, etc.). This document obsoletes RFCs 2425, 2426, and 4770, and updates RFC 2739. [STANDARDS-TRACK]Diameter Base ProtocolThe Diameter base protocol is intended to provide an Authentication, Authorization, and Accounting (AAA) framework for applications such as network access or IP mobility in both local and roaming situations. This document specifies the message format, transport, error reporting, accounting, and security services used by all Diameter applications. The Diameter base protocol as defined in this document obsoletes RFC 3588 and RFC 5719, and it must be supported by all new Diameter implementations. [STANDARDS-TRACK]Acknowledgements
An earlier draft version of this document was authored by and
. Additional significant contributions have come from
, , , , and .
Authors' AddressesInternet Assigned Numbers AuthorityPTI/ICANN12025 Waterfront DriveLos Angeles90094United States of Americaamanda.baber@iana.orgICANN12025 Waterfront DriveLos Angeles90094United States of Americapaul.hoffman@icann.org