rfc2570.txt

RFC 的详细文档！

7.9 View-based Access Control (VACM)

   The purpose of RFC 2575, the "View-based Access Control Model (VACM)
   for the Simple Network Management Protocol (SNMP)" is to describe the
   View-based Access Control Model for use in the SNMP architecture.
   The VACM can simultaneously be associated in a single engine
   implementation with multiple Message Processing Models and multiple
   Security Models.

   It is architecturally possible to have multiple, different, Access
   Control Models active and present simultaneously in a single engine
   implementation, but this is expected to be *_very_* rare in practice
   and *_far_* less common than simultaneous support for multiple
   Message Processing Models and/or multiple Security Models.

7.10 SNMPv3 Coexistence and Transition

   The purpose of "Coexistence between Version 1, Version 2, and Version
   3 of the Internet-standard Network Management Framework" is to
   describe coexistence between the SNMPv3 Management Framework, the
   SNMPv2 Management Framework, and the original SNMPv1 Management
   Framework.  In particular, this document describes four aspects of
   coexistence:

     *  Conversion of MIB documents from SMIv1 to SMIv2 format

     *  Mapping of notification parameters

     *  Approaches to coexistence between entities which support
        the various versions of SNMP in a multi-lingual network, in
        particular the processing of protocol operations in
        multi-lingual implementations, as well as behavior of
        proxy implementations






Case, et al.                 Informational                     [Page 18]

RFC 2570                 Introduction to SNMPv3               April 1999


     *  The SNMPv1 Message Processing Model and Community-Based
        Security Model, which provides mechanisms for adapting
        SNMPv1 and SNMPv2c into the View-Based Access Control Model
        (VACM) [19]

8 Security Considerations

   As this document is primarily a roadmap document, it introduces no
   new security considerations.  The reader is referred to the relevant
   sections of each of the referenced documents for information about
   security considerations.

9 Editors' Addresses

   Jeffrey Case
   SNMP Research, Inc.
   3001 Kimberlin Heights Road
   Knoxville, TN 37920-9716
   USA
   Phone:  +1 423 573 1434
   EMail:  case@snmp.com

   Russ Mundy
   TIS Labs at Network Associates
   3060 Washington Rd
   Glenwood, MD 21738
   USA
   Phone:  +1 301 854 6889
   EMail:  mundy@tislabs.com

   David Partain
   Ericsson Radio Systems
   Research and Innovation
   P.O. Box 1248
   SE-581 12 Linkoping
   Sweden
   Phone:  +46 13 28 41 44
   EMail:  David.Partain@ericsson.com

   Bob Stewart
   Cisco Systems, Inc.
   170 West Tasman Drive
   San Jose, CA 95134-1706
   U.S.A.
   Phone:  +1 603 654 6923
   EMail:  bstewart@cisco.com





Case, et al.                 Informational                     [Page 19]

RFC 2570                 Introduction to SNMPv3               April 1999


10 References

   [1]  Rose, M. and K. McCloghrie, "Structure and Identification of
        Management Information for TCP/IP-based internets", STD 16, RFC
        1155, May 1990.

   [2]  Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16,
        RFC 1212, March 1991.

   [3]  Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple
        Network Management Protocol", STD 15, RFC 1157, May 1990.

   [4]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S.
        Waldbusser, "Structure of Management Information for Version 2
        of the Simple Network Management Protocol (SNMPv2)", RFC 1902,
        January 1996.

   [5]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S.
        Waldbusser, "Textual Conventions for Version 2 of the Simple
        Network Management Protocol (SNMPv2)", RFC 1903, January 1996.

   [6]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S.
        Waldbusser, "Conformance Statements for Version 2 of the Simple
        Network Management Protocol (SNMPv2)", RFC 1904, January 1996.

   [7]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M. and S.
        Waldbusser, "Protocol Operations for Version 2 of the Simple
        Network Management Protocol (SNMPv2)", RFC 1905, January 1996.

   [8]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M. and S.
        Waldbusser, "Transport Mappings for Version 2 of the Simple
        Network Management Protocol (SNMPv2)", RFC 1906, January 1996.

   [9]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M. and S.
        Waldbusser, "Management Information Base for Version 2 of the
        Simple Network Management Protocol (SNMPv2)", RFC 1907, January
        1996.

   [10] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M. and S.
        Waldbusser, "Coexistence between Version 1 and Version 2 of the
        Internet-standard Network Management Framework", RFC 1908,
        January 1996.

   [11] Information processing systems - Open Systems Interconnection -
        Specification of Abstract Syntax Notation One (ASN.1),
        International Organization for Standardization.  International
        Standard 8824, (December, 1987).




Case, et al.                 Informational                     [Page 20]

RFC 2570                 Introduction to SNMPv3               April 1999


   [12] McCloghrie, K. and M. Rose, "Management Information Base for
        Network Management of TCP/IP-based Internets", RFC 1066, August
        1988.

   [13] McCloghrie, K. and M. Rose, "Management Information Base for
        Network Management of TCP/IP-based internets:  MIB-II, STD 17,
        RFC 1213, March 1991.

   [14] Cerf, V., "IAB Recommendations for the Development of Internet
        Network Management Standards", RFC 1052, April 1988.

   [15] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for
        Describing SNMP Management Frameworks", RFC 2571, April 1999.

   [16] Case, J., Harrington, D., Presuhn, R. and B. Wijnen, "Message
        Processing and Dispatching for the Simple Network Management
        Protocol (SNMP)", RFC 2572, April 1999.

   [17] Levi, D., Meyer, P. and B. Stewart, "SNMP Applications", RFC
        2573, April 1999.

   [18] Blumenthal, U. and B. Wijnen, "The User-Based Security Model for
        Version 3 of the Simple Network Management Protocol (SNMPv3)",
        RFC 2574, April 1999.

   [19] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access
        Control Model for the Simple Network Management Protocol
        (SNMP)", RFC 2575, April 1999.

   [20] Frye, R., Levi, D., Routhier, S., and B. Wijnen, "Coexistence
        between Version 1, Version 2, and Version 3 of the Internet-
        standard Network Management Framework", Work in Progress.

   [21] Rivest, R., "Message Digest Algorithm MD5", RFC 1321, April
        1992.

   [22] Secure Hash Algorithm. NIST FIPS 180-1, (April, 1995)
        http://csrc.nist.gov/fips/fip180-1.txt (ASCII)
        http://csrc.nist.gov/fips/fip180-1.ps  (Postscript)

   [23] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC:  Keyed-Hashing
        for Message Authentication", RFC 2104, February 1997.

   [24] Data Encryption Standard, National Institute of Standards and
        Technology.  Federal Information Processing Standard (FIPS)
        Publication 46-1.  Supersedes FIPS Publication 46, (January,
        1977; reaffirmed January, 1988).




Case, et al.                 Informational                     [Page 21]

RFC 2570                 Introduction to SNMPv3               April 1999


   [25] Rose, M., "A Convention for Defining Traps for use with the
        SNMP", RFC 1215, March 1991.

   [26] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
        M. and S. Waldbusser, "Structure of Management Information
        Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

   [27] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
        M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58,
        RFC 2579, April 1999.

   [28] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
        M. and S. Waldbusser, "Conformance Statements for SMIv2", STD
        58, RFC 2580, April 1999.





































Case, et al.                 Informational                     [Page 22]

RFC 2570                 Introduction to SNMPv3               April 1999


11 Full Copyright Statement

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."

Acknowledgement

   Funding for the RFC Editor function is currently provided by
   the Internet Society.



















Case, et al.                 Informational                     [Page 23]