📄 rfc1353.txt
字号:
RFC 1353 SNMP Party MIB July 1992
"A publically-readable value for the party.
Depending on the party's privacy protocol, this
value may be needed to support the party's privacy
protocol. Alternatively, it may be used by a
manager as a part of its procedure for altering
secret information about a party. (For example,
by altering the value of an instance of this
object in the same SNMP Set-Request used to update
an instance of partyPrivPrivate, a subsequent
Get-Request can determine if the Set-Request was
successful in the event that no response to the
Set-Request is received, see RFC 1352.)
The length of the value is dependent on the
party's privacy protocol. If not used by the
privacy protocol, it is recommended that agents
support values of any length up to and including
the length of the corresponding partyPrivPrivate
object."
DEFVAL { ''h } -- the empty string
::= { partyEntry 10 }
partyMaxMessageSize OBJECT-TYPE
SYNTAX INTEGER (484..65507)
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The maximum length in octets of a SNMP message
which this party will accept. For parties which
execute at an agent, the agent initializes this
object to the maximum length supported by the
agent, and does not let the object be set to any
larger value. For parties which do not execute at
the agent, the agent must allow the manager to set
this object to any legal value, even if it is
larger than the agent can generate."
DEFVAL { 484 }
::= { partyEntry 11 }
partyStatus OBJECT-TYPE
SYNTAX INTEGER { valid(1), invalid(2) }
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The status of the locally-held information on a
particular SNMP party.
McCloghrie, Davin, & Galvin [Page 14]
RFC 1353 SNMP Party MIB July 1992
The instance of this object for a particular party
and the instance of partySecretsStatus for the
same party always have the same value.
This object will typically provide unrestricted
read-only access to the status of parties. In
contrast, partySecretsStatus will typically
provide restricted read-write access to the status
of parties."
::= { partyEntry 12 }
-- The SNMP Party Secrets Database Group
-- The secret party information
--
-- Implementation of the objects in this group is mandatory.
partySecretsTable OBJECT-TYPE
SYNTAX SEQUENCE OF PartySecretsEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"The SNMP Party Secrets database."
::= { partyPrivate 1 }
partySecretsEntry OBJECT-TYPE
SYNTAX PartySecretsEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"Locally held secret information about a
particular SNMP party, which is available for
access by network management.
When a SNMP Set-Request is used to update the
values of instances of objects in this table, it
is recommended that the same SNMP Set-Request also
alter the value of a non-secret object instance
(e.g., an instance of partyAuthPublic or
partyPrivPublic). This allows a Get-Request of
that non-secret object instance to determine if
the Set-Request was successful in the event that
no response which matches the Set-Request is
received, see RFC 1352."
INDEX { partySecretsIdentity }
::= { partySecretsTable 1 }
McCloghrie, Davin, & Galvin [Page 15]
RFC 1353 SNMP Party MIB July 1992
PartySecretsEntry ::=
SEQUENCE {
partySecretsIdentity
Party,
partySecretsAuthPrivate
OCTET STRING,
partySecretsPrivPrivate
OCTET STRING,
partySecretsStatus
INTEGER
}
partySecretsIdentity OBJECT-TYPE
SYNTAX Party
ACCESS read-write
STATUS mandatory
DESCRIPTION
"A party identifier uniquely identifying a
particular SNMP party."
::= { partySecretsEntry 1 }
partySecretsAuthPrivate OBJECT-TYPE
SYNTAX OCTET STRING -- for md5AuthProtocol: (SIZE (16))
ACCESS read-write
STATUS mandatory
DESCRIPTION
"An encoding of the party's private authentication
key which may be needed to support the
authentication protocol. Although the value of
this variable may be altered by a management
operation (e.g., a SNMP Set-Request), its value
can never be retrieved by a management operation:
when read, the value of this variable is the zero
length OCTET STRING.
The private authentication key is NOT directly
represented by the value of this variable, but
rather it is represented according to an encoding.
This encoding is the bitwise exclusive-OR of the
old key with the new key, i.e., of the old private
authentication key (prior to the alteration) with
the new private authentication key (after the
alteration). Thus, when processing a received
protocol Set operation, the new private
authentication key is obtained from the value of
this variable as the result of a bitwise
exclusive-OR of the variable's value and the old
private authentication key. In calculating the
McCloghrie, Davin, & Galvin [Page 16]
RFC 1353 SNMP Party MIB July 1992
exclusive-OR, if the old key is shorter than the
new key, zero-valued padding is appended to the
old key. If no value for the old key exists, a
zero-length OCTET STRING is used in the
calculation."
DEFVAL { ''h } -- the empty string
::= { partySecretsEntry 2 }
partySecretsPrivPrivate OBJECT-TYPE
SYNTAX OCTET STRING -- for desPrivProtocol: (SIZE (16))
ACCESS read-write
STATUS mandatory
DESCRIPTION
"An encoding of the party's private encryption key
which may be needed to support the privacy
protocol. Although the value of this variable may
be altered by a management operation (e.g., a SNMP
Set-Request), its value can never be retrieved by
a management operation: when read, the value of
this variable is the zero length OCTET STRING.
The private encryption key is NOT directly
represented by the value of this variable, but
rather it is represented according to an encoding.
This encoding is the bitwise exclusive-OR of the
old key with the new key, i.e., of the old private
encryption key (prior to the alteration) with the
new private encryption key (after the alteration).
Thus, when processing a received protocol Set
operation, the new private encryption key is
obtained from the value of this variable as the
result of a bitwise exclusive-OR of the variable's
value and the old private encryption key. In
calculating the exclusive-OR, if the old key is
shorter than the new key, zero-valued padding is
appended to the old key. If no value for the old
key exists, a zero-length OCTET STRING is used in
the calculation."
DEFVAL { ''h } -- the empty string
::= { partySecretsEntry 3 }
partySecretsStatus OBJECT-TYPE
SYNTAX INTEGER { valid(1), invalid(2) }
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The status of the locally-held information on a
particular SNMP party.
McCloghrie, Davin, & Galvin [Page 17]
RFC 1353 SNMP Party MIB July 1992
Setting an instance of this object to the value
'valid(1)' has the effect of ensuring that valid
local knowledge exists for the corresponding
party. For valid local knowledge to exist, there
must be corresponding instances of each object in
this table and in the partyTable. Thus, the
creation of instances in the partyTable (but not
in the aclTable or viewTable) occurs as a direct
result of the creation of instances in this table.
Setting an instance of this object to the value
'invalid(2)' has the effect of invalidating all
local knowledge of the corresponding party,
including the invalidating of any/all entries in
the partyTable, the partySecretsTable, the
aclTable, and the viewTable which reference said
party.
It is an implementation-specific matter as to
whether the agent removes an invalidated entry
from the table. Accordingly, management stations
must be prepared to receive from agents tabular
information corresponding to entries not currently
in use. Proper interpretation of such entries
requires examination of the relevant
partySecretsStatus object."
DEFVAL { valid }
::= { partySecretsEntry 4 }
-- The SNMP Access Privileges Database Group
-- This group of objects allows the SNMP itself to be used to
-- configure new SNMP parties, or to manipulate the access
-- privileges of existing parties.
--
-- Implementation of the objects in this group is mandatory.
aclTable OBJECT-TYPE
SYNTAX SEQUENCE OF AclEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"The access privileges database."
::= { partyAccess 1 }
McCloghrie, Davin, & Galvin [Page 18]
RFC 1353 SNMP Party MIB July 1992
aclEntry OBJECT-TYPE
SYNTAX AclEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"The access privileges for a particular requesting
SNMP party in accessing a particular target SNMP
party."
INDEX { aclTarget, aclSubject }
::= { aclTable 1 }
AclEntry ::=
SEQUENCE {
aclTarget
Party,
aclSubject
Party,
aclPrivileges
INTEGER,
aclStatus
INTEGER
}
aclTarget OBJECT-TYPE
SYNTAX Party
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The target SNMP party whose performance of
management operations is constrained by this set
of access privileges."
::= { aclEntry 1 }
aclSubject OBJECT-TYPE
SYNTAX Party
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The subject SNMP party whose requests for
management operations to be performed is
constrained by this set of access privileges."
::= { aclEntry 2 }
aclPrivileges OBJECT-TYPE
SYNTAX INTEGER (0..31)
ACCESS read-write
STATUS mandatory
DESCRIPTION
McCloghrie, Davin, & Galvin [Page 19]
RFC 1353 SNMP Party MIB July 1992
"The access privileges which govern what
management operations a particular target party
may perform when requested by a particular subject
party. These privileges are specified as a sum of
values, where each value specifies a SNMP PDU type
by which the subject party may request a permitted
operation. The value for a particular PDU type is
computed as 2 raised to the value of the ASN.1
context-specific tag for the appropriate SNMP PDU
type. The values (for the tags defined in RFC
1157) are defined in RFC 1351 as:
Get : 1
GetNext : 2
GetResponse : 4
Set : 8
Trap : 16
The null set is represented by the value zero."
DEFVAL { 3 } -- Get & Get-Next
::= { aclEntry 3 }
aclStatus OBJECT-TYPE
SYNTAX INTEGER { valid(1), invalid(2) }
ACCESS read-write
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -