📄 rfc1353.txt
字号:
RFC 1353 SNMP Party MIB July 1992 "A publically-readable value for the party. Depending on the party's privacy protocol, this value may be needed to support the party's privacy protocol. Alternatively, it may be used by a manager as a part of its procedure for altering secret information about a party. (For example, by altering the value of an instance of this object in the same SNMP Set-Request used to update an instance of partyPrivPrivate, a subsequent Get-Request can determine if the Set-Request was successful in the event that no response to the Set-Request is received, see RFC 1352.) The length of the value is dependent on the party's privacy protocol. If not used by the privacy protocol, it is recommended that agents support values of any length up to and including the length of the corresponding partyPrivPrivate object." DEFVAL { ''h } -- the empty string ::= { partyEntry 10 } partyMaxMessageSize OBJECT-TYPE SYNTAX INTEGER (484..65507) ACCESS read-write STATUS mandatory DESCRIPTION "The maximum length in octets of a SNMP message which this party will accept. For parties which execute at an agent, the agent initializes this object to the maximum length supported by the agent, and does not let the object be set to any larger value. For parties which do not execute at the agent, the agent must allow the manager to set this object to any legal value, even if it is larger than the agent can generate." DEFVAL { 484 } ::= { partyEntry 11 } partyStatus OBJECT-TYPE SYNTAX INTEGER { valid(1), invalid(2) } ACCESS read-only STATUS mandatory DESCRIPTION "The status of the locally-held information on a particular SNMP party.McCloghrie, Davin, & Galvin [Page 14]
RFC 1353 SNMP Party MIB July 1992 The instance of this object for a particular party and the instance of partySecretsStatus for the same party always have the same value. This object will typically provide unrestricted read-only access to the status of parties. In contrast, partySecretsStatus will typically provide restricted read-write access to the status of parties." ::= { partyEntry 12 } -- The SNMP Party Secrets Database Group -- The secret party information -- -- Implementation of the objects in this group is mandatory. partySecretsTable OBJECT-TYPE SYNTAX SEQUENCE OF PartySecretsEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The SNMP Party Secrets database." ::= { partyPrivate 1 } partySecretsEntry OBJECT-TYPE SYNTAX PartySecretsEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Locally held secret information about a particular SNMP party, which is available for access by network management. When a SNMP Set-Request is used to update the values of instances of objects in this table, it is recommended that the same SNMP Set-Request also alter the value of a non-secret object instance (e.g., an instance of partyAuthPublic or partyPrivPublic). This allows a Get-Request of that non-secret object instance to determine if the Set-Request was successful in the event that no response which matches the Set-Request is received, see RFC 1352." INDEX { partySecretsIdentity } ::= { partySecretsTable 1 }McCloghrie, Davin, & Galvin [Page 15]
RFC 1353 SNMP Party MIB July 1992 PartySecretsEntry ::= SEQUENCE { partySecretsIdentity Party, partySecretsAuthPrivate OCTET STRING, partySecretsPrivPrivate OCTET STRING, partySecretsStatus INTEGER } partySecretsIdentity OBJECT-TYPE SYNTAX Party ACCESS read-write STATUS mandatory DESCRIPTION "A party identifier uniquely identifying a particular SNMP party." ::= { partySecretsEntry 1 } partySecretsAuthPrivate OBJECT-TYPE SYNTAX OCTET STRING -- for md5AuthProtocol: (SIZE (16)) ACCESS read-write STATUS mandatory DESCRIPTION "An encoding of the party's private authentication key which may be needed to support the authentication protocol. Although the value of this variable may be altered by a management operation (e.g., a SNMP Set-Request), its value can never be retrieved by a management operation: when read, the value of this variable is the zero length OCTET STRING. The private authentication key is NOT directly represented by the value of this variable, but rather it is represented according to an encoding. This encoding is the bitwise exclusive-OR of the old key with the new key, i.e., of the old private authentication key (prior to the alteration) with the new private authentication key (after the alteration). Thus, when processing a received protocol Set operation, the new private authentication key is obtained from the value of this variable as the result of a bitwise exclusive-OR of the variable's value and the old private authentication key. In calculating theMcCloghrie, Davin, & Galvin [Page 16]
RFC 1353 SNMP Party MIB July 1992 exclusive-OR, if the old key is shorter than the new key, zero-valued padding is appended to the old key. If no value for the old key exists, a zero-length OCTET STRING is used in the calculation." DEFVAL { ''h } -- the empty string ::= { partySecretsEntry 2 } partySecretsPrivPrivate OBJECT-TYPE SYNTAX OCTET STRING -- for desPrivProtocol: (SIZE (16)) ACCESS read-write STATUS mandatory DESCRIPTION "An encoding of the party's private encryption key which may be needed to support the privacy protocol. Although the value of this variable may be altered by a management operation (e.g., a SNMP Set-Request), its value can never be retrieved by a management operation: when read, the value of this variable is the zero length OCTET STRING. The private encryption key is NOT directly represented by the value of this variable, but rather it is represented according to an encoding. This encoding is the bitwise exclusive-OR of the old key with the new key, i.e., of the old private encryption key (prior to the alteration) with the new private encryption key (after the alteration). Thus, when processing a received protocol Set operation, the new private encryption key is obtained from the value of this variable as the result of a bitwise exclusive-OR of the variable's value and the old private encryption key. In calculating the exclusive-OR, if the old key is shorter than the new key, zero-valued padding is appended to the old key. If no value for the old key exists, a zero-length OCTET STRING is used in the calculation." DEFVAL { ''h } -- the empty string ::= { partySecretsEntry 3 } partySecretsStatus OBJECT-TYPE SYNTAX INTEGER { valid(1), invalid(2) } ACCESS read-write STATUS mandatory DESCRIPTION "The status of the locally-held information on a particular SNMP party.McCloghrie, Davin, & Galvin [Page 17]
RFC 1353 SNMP Party MIB July 1992 Setting an instance of this object to the value 'valid(1)' has the effect of ensuring that valid local knowledge exists for the corresponding party. For valid local knowledge to exist, there must be corresponding instances of each object in this table and in the partyTable. Thus, the creation of instances in the partyTable (but not in the aclTable or viewTable) occurs as a direct result of the creation of instances in this table. Setting an instance of this object to the value 'invalid(2)' has the effect of invalidating all local knowledge of the corresponding party, including the invalidating of any/all entries in the partyTable, the partySecretsTable, the aclTable, and the viewTable which reference said party. It is an implementation-specific matter as to whether the agent removes an invalidated entry from the table. Accordingly, management stations must be prepared to receive from agents tabular information corresponding to entries not currently in use. Proper interpretation of such entries requires examination of the relevant partySecretsStatus object." DEFVAL { valid } ::= { partySecretsEntry 4 } -- The SNMP Access Privileges Database Group -- This group of objects allows the SNMP itself to be used to -- configure new SNMP parties, or to manipulate the access -- privileges of existing parties. -- -- Implementation of the objects in this group is mandatory. aclTable OBJECT-TYPE SYNTAX SEQUENCE OF AclEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The access privileges database." ::= { partyAccess 1 }McCloghrie, Davin, & Galvin [Page 18]
RFC 1353 SNMP Party MIB July 1992 aclEntry OBJECT-TYPE SYNTAX AclEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The access privileges for a particular requesting SNMP party in accessing a particular target SNMP party." INDEX { aclTarget, aclSubject } ::= { aclTable 1 } AclEntry ::= SEQUENCE { aclTarget Party, aclSubject Party, aclPrivileges INTEGER, aclStatus INTEGER } aclTarget OBJECT-TYPE SYNTAX Party ACCESS read-write STATUS mandatory DESCRIPTION "The target SNMP party whose performance of management operations is constrained by this set of access privileges." ::= { aclEntry 1 } aclSubject OBJECT-TYPE SYNTAX Party ACCESS read-write STATUS mandatory DESCRIPTION "The subject SNMP party whose requests for management operations to be performed is constrained by this set of access privileges." ::= { aclEntry 2 } aclPrivileges OBJECT-TYPE SYNTAX INTEGER (0..31) ACCESS read-write STATUS mandatory DESCRIPTIONMcCloghrie, Davin, & Galvin [Page 19]
RFC 1353 SNMP Party MIB July 1992 "The access privileges which govern what management operations a particular target party may perform when requested by a particular subject party. These privileges are specified as a sum of values, where each value specifies a SNMP PDU type by which the subject party may request a permitted operation. The value for a particular PDU type is computed as 2 raised to the value of the ASN.1 context-specific tag for the appropriate SNMP PDU type. The values (for the tags defined in RFC 1157) are defined in RFC 1351 as: Get : 1 GetNext : 2 GetResponse : 4 Set : 8 Trap : 16 The null set is represented by the value zero." DEFVAL { 3 } -- Get & Get-Next ::= { aclEntry 3 } aclStatus OBJECT-TYPE SYNTAX INTEGER { valid(1), invalid(2) } ACCESS read-write⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -