< draft-mealling-uuid-urn-04.txt   draft-mealling-uuid-urn-05.txt >
Network Working Group P. Leach Network Working Group P. Leach
Internet-Draft Microsoft Internet-Draft Microsoft
Expires: June 8, 2005 M. Mealling Expires: June 1, 2005 M. Mealling
VeriSign, Inc. VeriSign, Inc.
R. Salz R. Salz
DataPower Technology, Inc. DataPower Technology, Inc.
December 8, 2004 December 2004
A UUID URN Namespace A UUID URN Namespace
draft-mealling-uuid-urn-04.txt draft-mealling-uuid-urn-05.txt
Status of this Memo Status of this Memo
This document is an Internet-Draft and is subject to all provisions This document is an Internet-Draft and is subject to all provisions
of section 3 of RFC 3667. By submitting this Internet-Draft, each of section 3 of RFC 3667. By submitting this Internet-Draft, each
author represents that any applicable patent or other IPR claims of author represents that any applicable patent or other IPR claims of
which he or she is aware have been or will be disclosed, and any of which he or she is aware have been or will be disclosed, and any of
which he or she become aware will be disclosed, in accordance with which he or she become aware will be disclosed, in accordance with
RFC 3668. RFC 3668.
skipping to change at page 1, line 39 skipping to change at page 1, line 39
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on June 8, 2005. This Internet-Draft will expire on June 1, 2005.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2004). Copyright (C) The Internet Society (2004).
Abstract Abstract
This specification defines a Uniform Resource Name namespace for This specification defines a Uniform Resource Name namespace for
UUIDs (Universally Unique IDentifier), also known as GUIDs (Globally UUIDs (Universally Unique IDentifier), also known as GUIDs (Globally
Unique IDentifier). A UUID is 128 bits long, and can provide a Unique IDentifier). A UUID is 128 bits long, and can provide a
skipping to change at page 5, line 9 skipping to change at page 5, line 9
The following is an example of the string representation of a UUID The following is an example of the string representation of a UUID
as a URN: as a URN:
urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6 urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6
Relevant ancillary documentation: Relevant ancillary documentation:
[2] [2]
Identifier uniqueness considerations: Identifier uniqueness considerations:
This document specifies three algorithms to generate UUIDs: the This document specifies three algorithms to generate UUIDs: the
first leverages the unique values of 802 MAC addresses to first leverages the unique values of 802 MAC addresses to
guarantee uniqueness, the second another uses pseudo-random number guarantee uniqueness, the second uses pseudo-random number
generators, and the third uses cryptographic hashing and generators, and the third uses cryptographic hashing and
application-provided text strings. As a result, it is possible to application-provided text strings. As a result, it is possible to
guarantee that UUIDs generated according to the mechanisms here guarantee that UUIDs generated according to the mechanisms here
will be unique from all other UUIDs that have been or will be will be unique from all other UUIDs that have been or will be
assigned. assigned.
Identifier persistence considerations: Identifier persistence considerations:
UUIDs are inherently very difficult to resolve in a global sense. UUIDs are inherently very difficult to resolve in a global sense.
This, coupled with the fact that UUIDs are temporally unique This, coupled with the fact that UUIDs are temporally unique
within their spatial context, ensures that UUIDs will remain as within their spatial context, ensures that UUIDs will remain as
persistent as possible. persistent as possible.
Process of identifier assignment: Process of identifier assignment:
Generating a UUID does not require that it be a registration Generating a UUID does not require that a registration authority
authority be contacted. One algorithm requires a unique value be contacted. One algorithm requires a unique value over space
over space for each generator. This value is typically an IEEE for each generator. This value is typically an IEEE 802 MAC
802 MAC address, usually already available on network-connected address, usually already available on network-connected hosts.
hosts. The address can be assigned from an address block obtained The address can be assigned from an address block obtained from
from the IEEE registration authority. If no such address is the IEEE registration authority. If no such address is available,
available, or privacy concerns make its use undesirable, Section or privacy concerns make its use undesirable, Section 4.5
4.5 specifies two alternatives; another approach is to use version specifies two alternatives; another approach is to use version 3
3 or version 4 UUIDs as defined below. or version 4 UUIDs as defined below.
Process for identifier resolution: Process for identifier resolution:
Since UUIDs are not globally resolvable, this is not applicable. Since UUIDs are not globally resolvable, this is not applicable.
Rules for Lexical Equivalence: Rules for Lexical Equivalence:
Consider each field of the UUID to be an unsigned integer as shown Consider each field of the UUID to be an unsigned integer as shown
in the table in section Section 4.1.2. Then, to compare a pair of in the table in section Section 4.1.2. Then, to compare a pair of
UUIDs, arithmetically compare the corresponding fields from each UUIDs, arithmetically compare the corresponding fields from each
UUID in order of significance and according to their data type. UUID in order of significance and according to their data type.
Two UUIDs are equal if and only if all the corresponding fields Two UUIDs are equal if and only if all the corresponding fields
are equal. are equal.
skipping to change at page 6, line 7 skipping to change at page 6, line 7
UUIDs as defined in this document can also be ordered UUIDs as defined in this document can also be ordered
lexicographically. For a pair of UUIDs, the first one follows the lexicographically. For a pair of UUIDs, the first one follows the
second if the most significant field in which the UUIDs differ is second if the most significant field in which the UUIDs differ is
greater for the first UUID. The second precedes the first if the greater for the first UUID. The second precedes the first if the
most significant field in which the UUIDs differ is greater for most significant field in which the UUIDs differ is greater for
the second UUID. the second UUID.
Conformance with URN Syntax: Conformance with URN Syntax:
The string representation of a UUID is fully compatible with the The string representation of a UUID is fully compatible with the
URN syntax. When converting from an bit-oriented, in-memory URN syntax. When converting from a bit-oriented, in-memory
representation of a UUID into a URN, care must be taken to representation of a UUID into a URN, care must be taken to
strictly adhere to the byte order issues mentioned in the string strictly adhere to the byte order issues mentioned in the string
representation section. representation section.
Validation mechanism: Validation mechanism:
Apart from determining if the timestamp portion of the UUID is in Apart from determining if the timestamp portion of the UUID is in
the future and therefore not yet assignable, there is no mechanism the future and therefore not yet assignable, there is no mechanism
for determining if a UUID is 'valid' in any real sense. for determining if a UUID is 'valid' in any real sense.
Scope: Scope:
UUIDs are global in scope. UUIDs are global in scope.
skipping to change at page 8, line 31 skipping to change at page 8, line 31
embedded POSIX UIDs. embedded POSIX UIDs.
0 0 1 1 3 The name-based version 0 0 1 1 3 The name-based version
specified in this document specified in this document
that uses MD5 hashing. that uses MD5 hashing.
0 1 0 0 4 The randomly or pseudo- 0 1 0 0 4 The randomly or pseudo-
randomly generated version randomly generated version
specified in this document. specified in this document.
0 0 1 1 5 The name-based version 0 1 0 1 5 The name-based version
specified in this document specified in this document
that uses SHA-1 hashing. that uses SHA-1 hashing.
The version is more accurately a sub-type; again, we retain the term The version is more accurately a sub-type; again, we retain the term
for compatibility. for compatibility.
4.1.4 Timestamp 4.1.4 Timestamp
The timestamp is a 60-bit value. For UUID version 1, this is The timestamp is a 60-bit value. For UUID version 1, this is
represented by Coordinated Universal Time (UTC) as a count of represented by Coordinated Universal Time (UTC) as a count of
skipping to change at page 11, line 45 skipping to change at page 11, line 45
simply be the system time multiplied by the number of 100-nanosecond simply be the system time multiplied by the number of 100-nanosecond
intervals per system time interval. intervals per system time interval.
If a system overruns the generator by requesting too many UUIDs If a system overruns the generator by requesting too many UUIDs
within a single system time interval, the UUID service MUST either: within a single system time interval, the UUID service MUST either:
return an error, or stall the UUID generator until the system clock return an error, or stall the UUID generator until the system clock
catches up. catches up.
A high resolution time stamp can be simulated by keeping a count of A high resolution time stamp can be simulated by keeping a count of
how many UUIDs have been generated with the same value of the system how many UUIDs have been generated with the same value of the system
time, and using it to construction the low-order bits of the time time, and using it to construct the low-order bits of the time stamp.
stamp. The count will range between zero and the number of The count will range between zero and the number of 100-nanosecond
100-nanosecond intervals per system time interval. intervals per system time interval.
Note: if the processors overrun the UUID generation frequently, Note: if the processors overrun the UUID generation frequently,
additional node identifiers can be allocated to the system, which additional node identifiers can be allocated to the system, which
will permit higher speed allocation by making multiple UUIDs will permit higher speed allocation by making multiple UUIDs
potentially available for each time stamp value. potentially available for each time stamp value.
4.2.1.3 Writing stable storage 4.2.1.3 Writing stable storage
The state does not always need to be written to stable store every The state does not always need to be written to stable store every
time a UUID is generated. The timestamp in the stable store can be time a UUID is generated. The timestamp in the stable store can be
skipping to change at page 13, line 34 skipping to change at page 13, line 34
o The UUIDs generated at different times from the same name in the o The UUIDs generated at different times from the same name in the
same namespace MUST be equal same namespace MUST be equal
o The UUIDs generated from two different names in the same namespace o The UUIDs generated from two different names in the same namespace
should be different (with very high probability) should be different (with very high probability)
o The UUIDs generated from the same name in two different namespaces o The UUIDs generated from the same name in two different namespaces
should be different with (very high probability) should be different with (very high probability)
o If two UUIDs that were generated from names are equal, then they o If two UUIDs that were generated from names are equal, then they
were generated from the same name in the same namespace (with very were generated from the same name in the same namespace (with very
high probability). high probability).
The algorithm for generating the a UUID from a name and a name space The algorithm for generating a UUID from a name and a name space are
are as follows: as follows:
o Allocate a UUID to use as a "name space ID" for all UUIDs o Allocate a UUID to use as a "name space ID" for all UUIDs
generated from names in that name space; see Appendix C for some generated from names in that name space; see Appendix C for some
pre-defined values pre-defined values
o Choose either MD5 [4] or SHA-1 [8] as the hash algorithm; If o Choose either MD5 [4] or SHA-1 [8] as the hash algorithm; If
backward compatibility is not an issue, SHA-1 is preferred backward compatibility is not an issue, SHA-1 is preferred
o Convert the name to a canonical sequence of octets (as defined by o Convert the name to a canonical sequence of octets (as defined by
the standards or conventions of its name space); put the name the standards or conventions of its name space); put the name
space ID in network byte order space ID in network byte order
o Compute the hash of the name space ID concatenated with the name o Compute the hash of the name space ID concatenated with the name
o Set octets zero through three of the time_low field to octets zero o Set octets zero through three of the time_low field to octets zero
through three of the hash through three of the hash
o Set octets zero and one of the time_mid field to octets four and o Set octets zero and one of the time_mid field to octets four and
five of the hash five of the hash
o Set octets zero and one of the time_hi_and_version field to octets o Set octets zero and one of the time_hi_and_version field to octets
six and seven of the MD5 hash six and seven of the hash
o Set the four most significant bits (bits 12 through 15) of the o Set the four most significant bits (bits 12 through 15) of the
time_hi_and_version field to the appropriate four-bit version time_hi_and_version field to the appropriate four-bit version
number from Section 4.1.3 number from Section 4.1.3
o Set the clock_seq_hi_and_reserved field to octet eight of the hash o Set the clock_seq_hi_and_reserved field to octet eight of the hash
o Set the two most significant bits (bits six and seven) of the o Set the two most significant bits (bits six and seven) of the
clock_seq_hi_and_reserved to zero and one, respectively. clock_seq_hi_and_reserved to zero and one, respectively.
o Set the clock_seq_low field to octet nine of the hash o Set the clock_seq_low field to octet nine of the hash
o Set octets zero through five of the node field to octets ten o Set octets zero through five of the node field to octets ten
through fifteen of the hash through fifteen of the hash
skipping to change at page 23, line 28 skipping to change at page 23, line 28
MD5Final(hash, &c); MD5Final(hash, &c);
/* the hash is in network byte order at this point */ /* the hash is in network byte order at this point */
format_uuid_v3or5(uuid, hash, 3); format_uuid_v3or5(uuid, hash, 3);
} }
void uuid_create_sha1_from_name(uuid_t *uuid, uuid_t nsid, void *name, void uuid_create_sha1_from_name(uuid_t *uuid, uuid_t nsid, void *name,
int namelen) int namelen)
{ {
SHA_CTX c; SHA_CTX c;
unsigned char hash[16]; unsigned char hash[20];
uuid_t net_nsid; uuid_t net_nsid;
/* put name space ID in network byte order so it hashes the same /* put name space ID in network byte order so it hashes the same
no matter what endian machine we're on */ no matter what endian machine we're on */
net_nsid = nsid; net_nsid = nsid;
net_nsid.time_low = htonl(net_nsid.time_low); net_nsid.time_low = htonl(net_nsid.time_low);
net_nsid.time_mid = htons(net_nsid.time_mid); net_nsid.time_mid = htons(net_nsid.time_mid);
net_nsid.time_hi_and_version = htons(net_nsid.time_hi_and_version); net_nsid.time_hi_and_version = htons(net_nsid.time_hi_and_version);
SHA1_Init(&c); SHA1_Init(&c);
 End of changes. 12 change blocks. 
23 lines changed or deleted 23 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/