Internet Draft          SNMP Party MIB              April 1991
          
          
          
                          Definitions of Managed Objects
                        for Administration of SNMP Parties
          
          
                                   7 April 1991
          
          
                                 Keith McCloghrie
                             Hughes LAN Systems, Inc.
                                   kzm@hls.com
          
          
                                 James R. Davin
                       MIT Laboratory for Computer Science
                             jrd@allspice.lcs.mit.edu
          
                                       and
          
                                 James M. Galvin
                        Trusted Information Systems, Inc.
                                  galvin@tis.com
          
          
          
          
          1.  Abstract
          
          This memo defines an experimental portion of the Management
          Information Base (MIB) for use with network management
          protocols in TCP/IP-based internets. In particular, it
          describes a representation of the SNMP parties defined in [10]
          as objects defined according to the Internet Standard SMI [3].
          These definitions are consistent with the SNMP Security
          protocols set forth in [11].
          
          2.  Status of this Memo
          
          This draft document will be submitted to the RFC editor as an
          experimental extension to the SNMP MIB.  Distribution of this
          memo is unlimited.  Please send comments to the authors.
          
          This memo does not specify a standard for the Internet
          community.
          
          McCloghrie/Davin/Galvin                               [Page 1]
          
          3.  Historical Perspective
          
          As reported in RFC 1052, IAB Recommendations for the
          Development of Internet Network Management Standards [1], a
          two-prong strategy for network management of TCP/IP-based
          internets was undertaken.  In the short-term, the Simple
          Network Management Protocol (SNMP), defined in RFC 1067, was
          to be used to manage nodes in the Internet community.  In the
          long-term, the use of the OSI network management framework was
          to be examined.  Two documents were produced to define the
          management information: RFC 1065, which defined the Structure
          of Management Information (SMI), and RFC 1066, which defined
          the Management Information Base (MIB).  Both of these
          documents were designed so as to be compatible with both the
          SNMP and the OSI network management framework.
          
          This strategy was quite successful in the short-term:
          Internet-based network management technology was fielded, by
          both the research and commercial communities, within a few
          months.  As a result of this, portions of the Internet
          community became network manageable in a timely fashion.
          
          As reported in RFC 1109, Report of the Second Ad Hoc Network
          Management Review Group [2], the requirements of the SNMP and
          the OSI network management frameworks were more different than
          anticipated.  As such, the requirement for compatibility
          between the SMI/MIB and both frameworks was suspended.  This
          action permitted the operational network management framework,
          based on the SNMP, to respond to new operational needs in the
          Internet community by producing MIB-II.
          
          In May of 1990, the core documents were elevated to "Standard
          Protocols" with "Recommended" status.  As such, the Internet-
          standard network management framework consists of: Structure
          and Identification of Management Information for TCP/IP-based
          internets, RFC 1155 [3], which describes how managed objects
          contained in the MIB are defined; Management Information Base
          for Network Management of TCP/IP-based internets, which
          describes the managed objects contained in the MIB, RFC 1156
          [4]; and, the Simple Network Management Protocol, RFC 1157
          [5], which defines the protocol used to manage these objects.
          
          Consistent with the IAB directive to produce simple, workable
          systems in the short-term, the list of managed objects defined
          in the Internet-standard MIB was derived by taking only those
          elements which are considered essential.  However, the SMI
          defined three extensibility mechanisms: one, the addition of
          new standard objects through the definitions of new versions
          of the MIB; two, the addition of widely-available but non-
          standard objects through the experimental subtree; and three,
          the addition of private objects through the enterprises
          subtree.  Such additional objects can not only be used for
          vendor-specific elements, but also for experimentation as
          required to further the knowledge of which other objects are
          essential.
          
          This memo defines extensions to the MIB using the second
          method.  It contains definitions of managed objects used for
          experimentation.
          
          4.  Objects
          
          Managed objects are accessed via a virtual information store,
          termed the Management Information Base or MIB.  Objects in the
          MIB are defined using the subset of Abstract Syntax Notation
          One (ASN.1) [7] defined in the SMI.  In particular, each
          object has a name, a syntax, and an encoding.  The name is an
          object identifier, an administratively assigned name, which
          specifies an object type.  The object type together with an
          object instance serves to uniquely identify a specific
          instantiation of the object.  For human convenience, we often
          use a textual string, termed the OBJECT DESCRIPTOR, to also
          refer to the object type.
          
          The syntax of an object type defines the abstract data
          structure corresponding to that object type.  The ASN.1
          language is used for this purpose.  However, the SMI [3]
          purposely restricts the ASN.1 constructs which may be used.
          These restrictions are explicitly made for simplicity.
          
          The encoding of an object type is simply how that object type
          is represented using the object type's syntax.  Implicitly
          tied to the notion of an object type's syntax and encoding is
          how the object type is represented when being transmitted on
          the network.
          
          The SMI specifies the use of the basic encoding rules of ASN.1
          [8], subject to the additional requirements imposed by the
          SNMP.
          
          
          4.1.  Format of Definitions
          
          Section 6 contains the specification of all object types
          contained in this MIB module.  The object types are defined
          using the conventions defined in the SMI, as amended by the
          extensions specified in [9,10].
          
          5.  Overview
          
          5.1.  Structure
          
          This MIB contains the definitions for: four tables, a number
          of OBJECT IDENTIFIER assignments, and some conventions for
          initial use with some of the assignments.  The four tables
          are: the SNMP Party Public database, the SNMP Party Private
          database, the SNMP Access Control database, and the SNMP Views
          database.  Implementation of the latter two is optional.
          
          The SNMP Party Public database and the SNMP Party Private
          database are defined as separate tables specifically for the
          purpose of positioning them in different parts of the MIB tree
          namespace.  In particular, the SNMP Party Private database
          contains secret information, for which security demands that
          access to it be limited to parties which use both
          authentication and privacy.  It is therefore positioned in a
          separate branch of the MIB tree, at the highest level
          possible, so as to provide for the easiest means of
          accommodating the required limitation.
          
          In contrast, the SNMP Party Public database contains public
          information about SNMP parties.  In particular, it contains
          the parties' clocks which need to be readable (but not
          writable) by unauthenticated queries, since an
          unauthenticated query of a party's clock is the first step of
          the procedure to re-establish clock synchronization (see
          [11]).
          
          
          5.2.  Textual Conventions
          
          The datatypes, Party and TAddr, are used as textual
          conventions in this document.  These textual conventions have
          NO effect on either the syntax or the semantics of any
          managed object. Objects defined using these conventions are
          always encoded by means of the rules that define their
          primitive type.  Hence, no changes to the SMI or the SNMP are
          necessary to accommodate these textual conventions which are
          adopted merely for the convenience of readers.
          
          6.  Definitions
          
          RFCxxxx-MIB DEFINITIONS ::= BEGIN
          
          IMPORTS
                  system, mib, private, internet, experimental, TimeTicks
                          FROM RFC1155-SMI
                  OBJECT-TYPE
                          FROM RFC-1212;      -- reference [9]
          
          
          snmpParty       OBJECT IDENTIFIER ::= { internet 5 }
          partyAdmin      OBJECT IDENTIFIER ::= { snmpParty 1 }
          partyPublic     OBJECT IDENTIFIER ::= { snmpParty 2 }
          
          snmpSecrets     OBJECT IDENTIFIER ::= { internet 6 }
          partyPrivate    OBJECT IDENTIFIER ::= { snmpSecrets 1 }
          partyAccess     OBJECT IDENTIFIER ::= { snmpSecrets 2 }
          partyViews      OBJECT IDENTIFIER ::= { snmpSecrets 3 }
          
          Party ::= OBJECT IDENTIFIER  -- a textual convention denoting
                                       -- a SNMP Party identifier
          
          
          --- definitions of Authentication Protocols
          
          partyProtocols
              OBJECT IDENTIFIER ::= { partyAdmin 1 }
          
          noAuth                 --- Insecure Authentication Protocol
              OBJECT IDENTIFIER ::= { partyProtocols 1 }
          
          mD4AuthProt            --- MD4 Authentication Protocol
              OBJECT IDENTIFIER ::= { partyProtocols 2 }
          
          noPriv                 --- Plaintext Privacy Protocol
              OBJECT IDENTIFIER ::= { partyProtocols 3 }
          
          dESPrivProt            --- DES Privacy Protocol
              OBJECT IDENTIFIER ::= { partyProtocols 4 }
          
          
          
          --- definitions of Transport Domains
          
          transportDomains
              OBJECT IDENTIFIER ::= { partyAdmin 2 }
          
          rfc1157Domain          --- RFC-1157 (SNMP over UDP)
              OBJECT IDENTIFIER ::= { transportDomains 1 }
          
          TAddr ::= OCTET STRING  -- a textual convention denoting
                                  -- a transport service address
                -- for rfc1157Domain, a TAddr is 6 octets long, the
                -- most significant 4 octets containing the IP-address
                -- in network-byte order and the last two containing
                -- the UDP port.
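          The following Python is an added example, not part of this
          memo, of the rfc1157Domain TAddr layout just described: the
          4-octet IP address in network byte order followed by the
          2-octet UDP port.  The function names are this example's own;
          the decoder rejects any value that is not exactly 6 octets
          rather than guessing at its layout.

```python
import ipaddress
import struct

# rfc1157Domain: 4-octet IPv4 address + 2-octet UDP port = 6 octets.
RFC1157_TADDR_LEN = 6


def encode_rfc1157_taddr(ip: str, udp_port: int) -> bytes:
    """Build the TAddr for rfc1157Domain.

    The IP address is emitted in network byte order (IPv4Address.packed
    does that) and the UDP port as a big-endian unsigned 16-bit value.
    """
    if not 0 <= udp_port <= 0xFFFF:
        raise ValueError(f"UDP port out of range: {udp_port}")
    return ipaddress.IPv4Address(ip).packed + struct.pack("!H", udp_port)


def decode_rfc1157_taddr(taddr: bytes) -> tuple:
    """Inverse of encode_rfc1157_taddr; returns (dotted-quad string, port).

    A TAddr of the wrong length is rejected: the layout is fixed by the
    transport domain, so there is nothing sensible to do with 5 or 7 octets.
    """
    if len(taddr) != RFC1157_TADDR_LEN:
        raise ValueError(
            f"rfc1157Domain TAddr must be {RFC1157_TADDR_LEN} octets, got {len(taddr)}"
        )
    ip = str(ipaddress.IPv4Address(taddr[:4]))
    (udp_port,) = struct.unpack("!H", taddr[4:])
    return ip, udp_port


def is_unassigned(taddr: bytes) -> bool:
    """True for the all-zero TAddr (0.0.0.0, port 0) that the initial-party
    conventions later in this memo give to parties 2, 4 and 6."""
    return taddr == bytes(RFC1157_TADDR_LEN)


if __name__ == "__main__":
    # Constructed sample: an agent listening on 192.0.2.1, UDP port 161.
    wire = encode_rfc1157_taddr("192.0.2.1", 161)
    print(wire.hex(), decode_rfc1157_taddr(wire))
```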
          
          --- definitions of Proxy Domains
          
          proxyDomains
              OBJECT IDENTIFIER ::= { partyAdmin 3 }
          
          noProxy                --- Local operation
              OBJECT IDENTIFIER ::= { proxyDomains 1 }
          
          ---    Definition of Initial Party Identifiers
          
          --  When devices are installed, they need to be configured
          --  with an initial set of SNMP parties.  The configuration
          --  of SNMP parties requires (among other things) the
          --  assignment of several OBJECT IDENTIFIERs.  Any local network
          --  administration can obtain the delegated authority necessary
          --  to assign its own OBJECT IDENTIFIERs.  However, to cater
          --  for those administrations who have not obtained the necessary
          --  authority, this document allocates a branch of the naming
          --  tree for use with the following conventions.
          
          initial1157PartyId
              OBJECT IDENTIFIER ::= { partyAdmin 4 }
          
          --  Note these are identified as "initial" party identifiers
          --  since these allow secure SNMP communication to proceed,
          --  thereby allowing further SNMP parties to be configured
          --  through use of the SNMP itself.
          
          --  The following definitions identify a party identifier,
          --  and specify the initial values of various object
          --  instances indexed by that identifier.  In addition,
          --  the initial MIB view and access control parameters
          --  assigned, by convention, to these parties are identified.
          
          --    Party Identifiers for use by an initial SNMP party
          --       at IP address  a.b.c.d
          
          -- partyIdentity     = { initial1157PartyId a b c d 1 }
          -- partyTDomain      = { rfc1157Domain }
          -- partyTAddr        = a.b.c.d, 161
          -- partyProxyFor     = { noProxy }
          -- partyAuthProt     = { noAuth }
          -- partyAuthClock    = 0
          -- partyAuthPrivate  = ''h    (the empty string)
          -- partyAuthPublic   = ''h    (the empty string)
          -- partyAuthLifetime = 0
          -- partyPrivProt     = { noPriv }
          -- partyPrivPrivate  = ''h    (the empty string)
          -- partyPrivPublic   = ''h    (the empty string)
          
          -- partyIdentity     = { initial1157PartyId a b c d 2 }
          -- partyTDomain      = { rfc1157Domain }
          -- partyTAddr        = 0.0.0.0, 0
          -- partyProxyFor     = { noProxy }
          -- partyAuthProt     = { noAuth }
          -- partyAuthClock    = 0
          -- partyAuthPrivate  = ''h    (the empty string)
          -- partyAuthPublic   = ''h    (the empty string)
          -- partyAuthLifetime = 0
          -- partyPrivProt     = { noPriv }
          -- partyPrivPrivate  = ''h    (the empty string)
          -- partyPrivPublic   = ''h    (the empty string)
          
          -- partyIdentity     = { initial1157PartyId a b c d 3 }
          -- partyTDomain      = { rfc1157Domain }
          -- partyTAddr        = a.b.c.d, 161
          -- partyProxyFor     = { noProxy }
          -- partyAuthProt     = { mD4AuthProt }
          -- partyAuthClock    = 0
          -- partyAuthPrivate  = assigned by local administration
          -- partyAuthPublic   = ''h    (the empty string)
          -- partyAuthLifetime = 30000
          -- partyPrivProt     = { noPriv }
          -- partyPrivPrivate  = ''h    (the empty string)
          -- partyPrivPublic   = ''h    (the empty string)
          
          -- partyIdentity     = { initial1157PartyId a b c d 4 }
          -- partyTDomain      = { rfc1157Domain }
          -- partyTAddr        = 0.0.0.0, 0
          -- partyProxyFor     = { noProxy }
          -- partyAuthProt     = { mD4AuthProt }
          -- partyAuthClock    = 0
          -- partyAuthPrivate  = assigned by local administration
          -- partyAuthPublic   = ''h    (the empty string)
          -- partyAuthLifetime = 30000
          -- partyPrivProt     = { noPriv }
          -- partyPrivPrivate  = ''h    (the empty string)
          -- partyPrivPublic   = ''h    (the empty string)
          
          -- partyIdentity     = { initial1157PartyId a b c d 5 }
          -- partyTDomain      = { rfc1157Domain }
          -- partyTAddr        = a.b.c.d, 161
          -- partyProxyFor     = { noProxy }
          -- partyAuthProt     = { mD4AuthProt }
          -- partyAuthClock    = 0
          -- partyAuthPrivate  = assigned by local administration
          -- partyAuthPublic   = ''h    (the empty string)
          -- partyAuthLifetime = 30000
          -- partyPrivProt     = { dESPrivProt }
          -- partyPrivPrivate  = assigned by local administration
          -- partyPrivPublic   = ''h    (the empty string)
          
          -- partyIdentity     = { initial1157PartyId a b c d 6 }
          -- partyTDomain      = { rfc1157Domain }
          -- partyTAddr        = 0.0.0.0, 0
          -- partyProxyFor     = { noProxy }
          -- partyAuthProt     = { mD4AuthProt }
          -- partyAuthClock    = 0
          -- partyAuthPrivate  = assigned by local administration
          -- partyAuthPublic   = ''h    (the empty string)
          -- partyAuthLifetime = 30000
          -- partyPrivProt     = { dESPrivProt }
          -- partyPrivPrivate  = assigned by local administration
          -- partyPrivPublic   = ''h   (the empty string)
          
          
          --  The initial access control parameters assigned, by
          --  convention, to these parties are:
          
          -- aclTarget     = { initial1157PartyId a b c d 1 }
          -- aclSubject    = { initial1157PartyId a b c d 2 }
          -- aclPrivileges = 19 (Get, Get-Next & Trap)
          
          -- aclTarget     = { initial1157PartyId a b c d 3 }
          -- aclSubject    = { initial1157PartyId a b c d 4 }
          -- aclPrivileges = 27 (Get, Get-Next, Set & Trap)
          
          -- aclTarget     = { initial1157PartyId a b c d 5 }
          -- aclSubject    = { initial1157PartyId a b c d 6 }
          -- aclPrivileges = 27 (Get, Get-Next, Set & Trap)
          
          --  The initial MIB views assigned, by convention, to
          --  these parties are:
          
          -- viewParty    = { initial1157PartyId a b c d 1 }
          -- viewSubtree  = { system }
          
          -- viewParty    = { initial1157PartyId a b c d 1 }
          -- viewSubtree  = { snmpParty }
          
          -- viewParty    = { initial1157PartyId a b c d 3 }
          -- viewSubtree  = { mib }
          
          -- viewParty    = { initial1157PartyId a b c d 3 }
          -- viewSubtree  = { experimental }
          
          -- viewParty    = { initial1157PartyId a b c d 3 }
          -- viewSubtree  = { private }
          
          -- viewParty    = { initial1157PartyId a b c d 3 }
          -- viewSubtree  = { snmpParty }
          
          -- viewParty    = { initial1157PartyId a b c d 5 }
          -- viewSubtree  = { internet }
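          As an added example (Python, not part of this memo), the
          initial-party, access-control and MIB-view conventions above
          can be written out as data and used to drive the decision an
          agent makes on a received request: the ACL row for the
          (target, subject) pair must grant the operation, and the
          object must lie inside the target party's view.  The OID
          values for internet, mib, system, experimental and private are
          the RFC 1155 assignments; snmpParty, snmpSecrets and the
          partyAdmin subtree are the assignments in section 6.  The
          aclPrivileges bit values are an assumption: the ACL table is
          not defined in this part of the memo, and the values are
          chosen so the totals quoted above (19 and 27) come out right.

```python
from dataclasses import dataclass

# OBJECT IDENTIFIER prefixes.  internet/mib/system/experimental/private are the
# RFC 1155 assignments; the rest are the assignments made in section 6.
INTERNET = (1, 3, 6, 1)
MIB = INTERNET + (2, 1)
SYSTEM = MIB + (1,)
EXPERIMENTAL = INTERNET + (3,)
PRIVATE = INTERNET + (4,)
SNMP_PARTY = INTERNET + (5,)            # snmpParty      ::= { internet 5 }
SNMP_SECRETS = INTERNET + (6,)          # snmpSecrets    ::= { internet 6 }
PARTY_ADMIN = SNMP_PARTY + (1,)         # partyAdmin     ::= { snmpParty 1 }
PARTY_PROTOCOLS = PARTY_ADMIN + (1,)    # partyProtocols ::= { partyAdmin 1 }
NO_AUTH = PARTY_PROTOCOLS + (1,)
MD4_AUTH_PROT = PARTY_PROTOCOLS + (2,)
NO_PRIV = PARTY_PROTOCOLS + (3,)
DES_PRIV_PROT = PARTY_PROTOCOLS + (4,)
INITIAL_1157_PARTY_ID = PARTY_ADMIN + (4,)   # initial1157PartyId ::= { partyAdmin 4 }

# aclPrivileges bit values.  ASSUMPTION: the ACL table is outside this excerpt;
# these values reproduce the totals the conventions quote
# (Get+GetNext+Trap = 19, Get+GetNext+Set+Trap = 27).
GET, GET_NEXT, SET, TRAP = 1, 2, 8, 16


@dataclass(frozen=True)
class InitialParty:
    identity: tuple        # partyIdentity
    taddr: tuple           # partyTAddr as (IP address, UDP port), as the conventions write it
    auth_prot: tuple       # partyAuthProt
    auth_lifetime: int     # partyAuthLifetime, hundredths of a second
    priv_prot: tuple       # partyPrivProt


def party_id(ip: str, n: int) -> tuple:
    """{ initial1157PartyId a b c d n } for the device at dotted-quad a.b.c.d."""
    a, b, c, d = (int(x) for x in ip.split("."))
    return INITIAL_1157_PARTY_ID + (a, b, c, d, n)


def initial_parties(ip: str) -> dict:
    """The six initial parties the conventions define for a device at ip."""
    parties = {}
    for n in range(1, 7):
        on_device = n % 2 == 1                 # parties 1, 3, 5 answer at a.b.c.d, 161
        parties[n] = InitialParty(
            identity=party_id(ip, n),
            taddr=(ip, 161) if on_device else ("0.0.0.0", 0),
            auth_prot=NO_AUTH if n <= 2 else MD4_AUTH_PROT,
            auth_lifetime=0 if n <= 2 else 30000,
            priv_prot=DES_PRIV_PROT if n >= 5 else NO_PRIV,
        )
    return parties


def initial_acl(ip: str) -> dict:
    """(aclTarget, aclSubject) -> aclPrivileges, per the conventions."""
    return {
        (party_id(ip, 1), party_id(ip, 2)): GET | GET_NEXT | TRAP,        # 19
        (party_id(ip, 3), party_id(ip, 4)): GET | GET_NEXT | SET | TRAP,  # 27
        (party_id(ip, 5), party_id(ip, 6)): GET | GET_NEXT | SET | TRAP,  # 27
    }


def initial_views(ip: str) -> dict:
    """viewParty -> list of viewSubtree prefixes, per the conventions."""
    return {
        party_id(ip, 1): [SYSTEM, SNMP_PARTY],
        party_id(ip, 3): [MIB, EXPERIMENTAL, PRIVATE, SNMP_PARTY],
        party_id(ip, 5): [INTERNET],
    }


def in_view(views: dict, party: tuple, oid: tuple) -> bool:
    """True when oid lies under one of the party's view subtrees."""
    return any(oid[: len(subtree)] == subtree for subtree in views.get(party, []))


def is_permitted(acl: dict, views: dict, target: tuple, subject: tuple,
                 op: int, oid: tuple) -> bool:
    """Agent-side check: may `subject` perform `op` on `oid` through `target`?

    Both conditions must hold: the ACL row for the pair grants the operation,
    and the object lies inside the target party's MIB view.  A pair with no
    ACL row gets no privileges at all.
    """
    privileges = acl.get((target, subject), 0)
    return bool(privileges & op) and in_view(views, target, oid)
```

          Running the check against the three pairs shows the layering
          section 5.1 asks for: the unauthenticated pair (parties 1 and
          2) can read system and snmpParty and nothing under
          snmpSecrets; the authenticated-only pair (3 and 4) can set
          objects under mib, experimental, private and snmpParty but
          still cannot reach snmpSecrets; only the pair using both MD4
          authentication and DES privacy (5 and 6) has a view covering
          the whole internet subtree.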
          
          --   The SNMP Party Public Database
          
          -- The non-secret party information
          
          partyTable OBJECT-TYPE
              SYNTAX  SEQUENCE OF PartyEntry
              ACCESS  not-accessible
              STATUS  mandatory
              DESCRIPTION
                      "The SNMP Party Public database."
          ::= { partyPublic 1 }
          
          partyEntry OBJECT-TYPE
              SYNTAX  PartyEntry
              ACCESS  not-accessible
              STATUS  mandatory
              DESCRIPTION
                      "Locally held non-secret information about a
                      particular SNMP party, which is available for
                      access by network management.  Note that this does
                      not include all locally held information about a
                      party; in particular, it does not include the
                      'ratchet' or the 'nonce' (see [10])."
              INDEX  { partyIdentity }
              ::= { partyTable 1 }
          
          PartyEntry ::=
              SEQUENCE {
                  partyIdentity
                      Party,
                  partyTDomain
                      OBJECT IDENTIFIER,
                  partyTAddr
                      TAddr,
                  partyProxyFor
                      Party,
                  partyAuthProt
                      OBJECT IDENTIFIER,
                  partyAuthClock
                      TimeTicks,
                  partyAuthPublic
                      OCTET STRING,
                  partyAuthLifetime
                      INTEGER,
                  partyPrivProt
                      OBJECT IDENTIFIER,
                  partyPrivPublic
                      OCTET STRING
              }
          
          partyIdentity  OBJECT-TYPE
              SYNTAX  Party
              ACCESS  read-only
              STATUS  mandatory
              DESCRIPTION
                      "A party identifier uniquely identifying a
                      particular SNMP party."
              ::= { partyEntry 1 }
          
          partyTDomain  OBJECT-TYPE
              SYNTAX  OBJECT IDENTIFIER
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "Indicates the kind of transport service by which
                      the party receives network management traffic. An
                      example of a transport domain is 'rfc1157Domain'
                      (SNMP over UDP)."
              DEFVAL  { rfc1157Domain }
              ::= { partyEntry 2 }
          
          partyTAddr  OBJECT-TYPE
              SYNTAX  TAddr
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "The transport service address by which the party
                      receives network management traffic, formatted
                      according to the corresponding value of
                      partyTDomain.  For rfc1157Domain, partyTAddr is
                      formatted as a 4-octet IP Address concatenated
                      with a 2-octet UDP port number."
              DEFVAL  { '000000000000'h }
              ::= { partyEntry 3 }
          
          partyProxyFor OBJECT-TYPE
              SYNTAX  Party
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "The identity of a second SNMP party or other
                      management entity with which interaction may be
                      necessary to satisfy received management requests.
                      In this context, the distinguished value { noProxy
                      } signifies that the party responds to received
                      management requests by entirely local mechanisms."
              DEFVAL  { noProxy }
              ::= { partyEntry 4 }
          
          partyAuthProt OBJECT-TYPE
              SYNTAX  OBJECT IDENTIFIER
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "The authentication algorithm by which all
                      messages generated by the party are
                      cryptographically signed with its party identity.
                      In this context, the value { noAuth } signifies
                      that messages generated by the party are not
                      cryptographically signed."
              DEFVAL  { mD4AuthProt }
              ::= { partyEntry 5 }
          
          partyAuthClock OBJECT-TYPE
              SYNTAX  TimeTicks
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "The authentication clock which represents the
                      local notion of the current time specific to the
                      party."
              DEFVAL  { 0 }
              ::= { partyEntry 6 }
          
          partyAuthPublic OBJECT-TYPE
              SYNTAX  OCTET STRING
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "The public authentication key for the party which
                      may be needed to verify a cryptographic signature
                      on protocol messages generated by the party."
              DEFVAL  { ''h }      -- the empty string
              ::= { partyEntry 7 }
          
          partyAuthLifetime OBJECT-TYPE
              SYNTAX  INTEGER
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "The lifetime (in units of a hundredth of a
                      second) which represents an administrative upper
                      bound on acceptable delivery delay for protocol
                      messages generated by the party."
              DEFVAL  { 30000 }
              ::= { partyEntry 8 }
          
          partyPrivProt OBJECT-TYPE
              SYNTAX  OBJECT IDENTIFIER
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "The privacy algorithm by which all protocol
                      messages received by the party are protected from
                      disclosure.  In this context, the value { noPriv }
                      signifies that messages received by the party are
                      not encrypted."
              DEFVAL  { noPriv }
              ::= { partyEntry 9 }
          
          partyPrivPublic OBJECT-TYPE
              SYNTAX  OCTET STRING
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "The public encryption key which may be needed to
                      encrypt messages which are directed to the party."
              DEFVAL  { ''h }     -- the empty string
              ::= { partyEntry 10 }
          
          --   The SNMP Party Private Database
          
          -- The secret party information
          
          partyPrivateTable OBJECT-TYPE
              SYNTAX  SEQUENCE OF PartyPrivateEntry
              ACCESS  not-accessible
              STATUS  mandatory
              DESCRIPTION
                      "The SNMP Party Private database."
          ::= { partyPrivate 1 }
          
          partyPrivateEntry OBJECT-TYPE
              SYNTAX  PartyPrivateEntry
              ACCESS  not-accessible
              STATUS  mandatory
              DESCRIPTION
                      "Locally held secret information about a
                      particular SNMP party, which is available for
                      access by network management."
              INDEX  { partyPrivateIdentity }
              ::= { partyPrivateTable 1 }
          
          PartyPrivateEntry ::=
              SEQUENCE {
                  partyPrivateIdentity
                      Party,
                  partyAuthPrivate
                      OCTET STRING,
                  partyPrivPrivate
                      OCTET STRING
              }
          
          partyPrivateIdentity  OBJECT-TYPE
              SYNTAX  Party
              ACCESS  read-only
              STATUS  mandatory
              DESCRIPTION
                      "A party identifier uniquely identifying a
                      particular SNMP party."
              ::= { partyPrivateEntry 1 }
          
          partyAuthPrivate OBJECT-TYPE
              SYNTAX  OCTET STRING
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "An encoding of the party's private authentication
                      key which may be needed either to generate or to
                      verify a cryptographic signature on protocol
                      messages generated by the party.  When read, the
                      value of this variable is the zero-length OCTET
                      STRING.  Thus, its value is related to the private
                      authentication key ONLY in a SNMP Set-Request.
                      The encoding is the exclusive-OR of the old
                      private authentication key prior to the Set-
                      Request with the new private authentication key
                      after the Set-Request.  In calculating the
                      exclusive-OR, the old key is padded with zeros if
                      shorter than the new key.  If no value for the old
                      key exists, a zero-length OCTET STRING is used in
                      the calculation."
              ::= { partyPrivateEntry 2 }
          
          partyPrivPrivate OBJECT-TYPE
              SYNTAX  OCTET STRING
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "An encoding of the private encryption key which
                      may be needed either to encrypt messages directed
                      to the party or to decrypt messages received by
                      the party.  When read, the value of this variable
                      is the zero-length OCTET STRING.  Thus, its value
                      is related to the private encryption key ONLY in a
                      SNMP Set-Request.  The encoding is the exclusive-
                      OR of the old private encryption key prior to the
                      Set-Request with the new private encryption key
                      after the Set-Request.  In calculating the
                      exclusive-OR, the old key is padded with zeros if
                      shorter than the new key.  If no value for the old
                      key exists, a zero-length OCTET STRING is used in
                      the calculation."
              ::= { partyPrivateEntry 3 }
          
          --  The SNMP Access Privileges Database
          
          --  Implementation of this group of objects is optional.
          
          --  It is only required if the SNMP itself is to be used
          --  to configure new SNMP parties, or to manipulate the
          --  access privileges of existing parties.
          
          aclTable OBJECT-TYPE
              SYNTAX  SEQUENCE OF AclEntry
              ACCESS  not-accessible
              STATUS  mandatory
              DESCRIPTION
                      "The access privileges database."
          ::= { partyAccess 1 }
          
          aclEntry OBJECT-TYPE
              SYNTAX  AclEntry
              ACCESS  not-accessible
              STATUS  mandatory
              DESCRIPTION
                      "The access privileges for a particular requesting
                      SNMP party in accessing a particular target SNMP
                      party."
              INDEX  { aclTarget, aclSubject }
              ::= { aclTable 1 }
          
          AclEntry ::=
              SEQUENCE {
                  aclTarget
                      Party,
                  aclSubject
                      Party,
                  aclPrivileges
                      INTEGER
              }
          
          aclTarget OBJECT-TYPE
              SYNTAX  Party
              ACCESS  read-only
              STATUS  mandatory
              DESCRIPTION
                      "The target SNMP party whose performance of
                      management operations is constrained by this set
                      of access privileges."
              ::= { aclEntry 1 }
          
          aclSubject OBJECT-TYPE
              SYNTAX  Party
              ACCESS  read-only
              STATUS  mandatory
              DESCRIPTION
                      "The subject SNMP party whose requests for
                      management operations to be performed are
                      constrained by this set of access privileges."
              ::= { aclEntry 2 }
          
          aclPrivileges OBJECT-TYPE
              SYNTAX  INTEGER
              ACCESS  read-write
              STATUS  mandatory
              DESCRIPTION
                      "The access privileges which govern what
                      management operations a particular target party
                      may perform when requested by a particular subject
                      party.  These privileges are specified as a sum of
                      values, where each value specifies a SNMP PDU type
                      by which the subject party may request a permitted
                      operation.  The value for a particular PDU type is
                      computed as 2 raised to the value of the ASN.1
                      context-specific tag for the appropriate SNMP PDU
                      type.  Thus, the values (for the tags defined in
                      [5]) are:
          
                       Get         :   1
                       GetNext     :   2
                       GetResponse :   4
                       Set         :   8
                       Trap        :  16
          
                      The null set is represented by the value zero."
              DEFVAL  { 19 }      -- Get, Get-Next & Trap
              ::= { aclEntry 3 }
          
          --   The MIB View Database
          
          --  Implementation of this group of objects is optional.
          
          --  It is only required if the SNMP itself is to be used
          --  to configure new SNMP parties, or to manipulate the
          --  MIB views of existing parties.
          
          
          viewTable OBJECT-TYPE
              SYNTAX  SEQUENCE OF ViewEntry
              ACCESS  not-accessible
              STATUS  mandatory
              DESCRIPTION
                      "The database defining local MIB views.  Each SNMP
                      party has a single MIB view which is defined as a
                      set of mutually disjoint view subtrees."
          ::= { partyViews 1 }
          
          viewEntry OBJECT-TYPE
              SYNTAX  ViewEntry
              ACCESS  not-accessible
              STATUS  mandatory
              DESCRIPTION
                      "Information on a particular view subtree within a
                      particular SNMP party's MIB view."
              INDEX  { viewParty, viewSubtree }
              ::= { viewTable 1 }
          
          ViewEntry ::=
              SEQUENCE {
                  viewParty
                      Party,
                  viewSubtree
                      OBJECT IDENTIFIER
              }
          
          viewParty  OBJECT-TYPE
              SYNTAX  Party
              ACCESS  read-only
              STATUS  mandatory
              DESCRIPTION
                      "A SNMP party whose single MIB view contains a
                      particular view subtree."
              ::= { viewEntry 1 }
          
          viewSubtree OBJECT-TYPE
              SYNTAX  OBJECT IDENTIFIER
              ACCESS  read-only
              STATUS  mandatory
              DESCRIPTION
                      "One of the mutually disjoint view subtrees
                      contained in a particular SNMP party's MIB view."
              DEFVAL  { mib }
              ::= { viewEntry 2 }
          
          END
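          As a worked example of the key-update encoding specified above
          for partyAuthPrivate and partyPrivPrivate (added here; it is
          not part of the draft or of any implementation), the following
          Python models both sides of a Set-Request: the manager computes
          old XOR new, padding a shorter old key with zeros and treating
          an absent old key as the zero-length OCTET STRING, and the agent
          inverts the same operation to recover the new key while
          answering every Get with the zero-length string.  The draft does
          not say what happens when the old key is longer than the new
          one; the code assumes that the length of the transmitted value
          fixes the length of the new key and that surplus bytes of the
          old key are ignored.  The party identifier and key bytes are
          constructed sample values.

```python
from typing import Optional, Tuple

# Added example, not part of the draft: the XOR key-update encoding of
# partyAuthPrivate and partyPrivPrivate.  Assumption (not in the draft):
# the length of the Set-Request value fixes the length of the new key.


def _pad_old(old_key: Optional[bytes], length: int) -> bytes:
    """Old key as used in the XOR: zero-padded if shorter than `length`,
    the zero-length string if absent, surplus bytes dropped (assumption)."""
    old = old_key or b""
    return old[:length] + b"\x00" * max(0, length - len(old))


def encode_key_update(old_key: Optional[bytes], new_key: bytes) -> bytes:
    """Manager side: the value placed in the Set-Request is old XOR new."""
    return bytes(o ^ n for o, n in zip(_pad_old(old_key, len(new_key)), new_key))


def apply_key_update(old_key: Optional[bytes], set_value: bytes) -> bytes:
    """Agent side: XOR is its own inverse, so the same padding rule applied
    to the locally held old key recovers the new key byte for byte."""
    return bytes(o ^ v for o, v in zip(_pad_old(old_key, len(set_value)), set_value))


class PartyPrivateEntry:
    """One row of partyPrivateTable as an agent might hold it (constructed
    model).  Reads of the two key objects always return the zero-length
    OCTET STRING; writes are interpreted as XOR updates."""

    def __init__(self, identity: Tuple[int, ...]) -> None:
        self.party_private_identity = identity
        self._auth_private: Optional[bytes] = None   # partyAuthPrivate
        self._priv_private: Optional[bytes] = None   # partyPrivPrivate

    def get_party_auth_private(self) -> bytes:
        return b""          # a Get never exposes the key

    def get_party_priv_private(self) -> bytes:
        return b""

    def set_party_auth_private(self, value: bytes) -> None:
        self._auth_private = apply_key_update(self._auth_private, value)

    def set_party_priv_private(self, value: bytes) -> None:
        self._priv_private = apply_key_update(self._priv_private, value)

    # Accessors for the local protocol engine; these are not MIB objects.
    def auth_key(self) -> Optional[bytes]:
        return self._auth_private

    def priv_key(self) -> Optional[bytes]:
        return self._priv_private


def rollover_demo() -> Tuple[bytes, bytes, bytes]:
    """Manager and agent step through an initial install and a key change.
    Returns (first Set value, second Set value, key the agent ends with)."""
    entry = PartyPrivateEntry((1, 3, 6, 1, 6, 3, 3, 1, 3, 127, 0, 0, 1, 1))  # constructed id
    first_key = bytes.fromhex("00112233445566778899aabbccddeeff")            # constructed
    second_key = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")           # constructed

    # No old key yet: the Set value is the new key itself.
    v1 = encode_key_update(None, first_key)
    entry.set_party_auth_private(v1)

    # Later change: only old XOR new crosses the wire.
    v2 = encode_key_update(entry.auth_key(), second_key)
    entry.set_party_auth_private(v2)
    return v1, v2, entry.auth_key()
```

          Because XOR with a zero-length old key leaves the new key
          unchanged, the very first value set for a party carries the key
          itself; an initial installation therefore depends on the
          confidentiality of the channel used (or on out-of-band
          configuration), whereas later changes reveal only the
          difference between the old and new key to an observer.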
          
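          The following Python, added here as an illustration and not
          part of the draft, computes aclPrivileges values from the
          RFC 1157 [5] PDU tags, decodes them back into sets of PDU types,
          and uses a small model of aclTable indexed by (aclTarget,
          aclSubject) to decide whether a requested operation is
          permitted.  Two points are assumptions of the model rather than
          text from the draft: a value with bits outside the five defined
          tags is rejected on a Set, and a (target, subject) pair with no
          row in the table is treated as having the null set of
          privileges.  The party identifiers are constructed values.

```python
from typing import Dict, Iterable, Set, Tuple

# Added example, not part of the draft: aclPrivileges as a bit mask.

Party = Tuple[int, ...]   # a party identifier, modelled as an OID tuple

# ASN.1 context-specific tags of the SNMP PDU types defined in RFC 1157 [5].
PDU_TAGS = {"Get": 0, "GetNext": 1, "GetResponse": 2, "Set": 3, "Trap": 4}

# Every defined bit set: 1 + 2 + 4 + 8 + 16 = 31.
ALL_PRIVILEGES = sum(1 << tag for tag in PDU_TAGS.values())

# DEFVAL { 19 }: Get, GetNext and Trap.
DEFAULT_PRIVILEGES = 19


def privilege_value(pdu_type: str) -> int:
    """The value for one PDU type: 2 raised to its context-specific tag."""
    return 1 << PDU_TAGS[pdu_type]


def encode_privileges(pdu_types: Iterable[str]) -> int:
    """Sum of the values of the listed PDU types (the null set is 0)."""
    return sum(privilege_value(t) for t in set(pdu_types))


def is_valid_privileges(value: int) -> bool:
    """False for negative values or bits that match no defined tag
    (assumption of this model; the draft does not address such values)."""
    return value >= 0 and not (value & ~ALL_PRIVILEGES)


def decode_privileges(value: int) -> Set[str]:
    """Inverse of encode_privileges."""
    if not is_valid_privileges(value):
        raise ValueError(f"aclPrivileges value {value} uses undefined PDU tags")
    return {name for name, tag in PDU_TAGS.items() if value & (1 << tag)}


class AclTable:
    """Model of aclTable: one aclPrivileges value per (aclTarget, aclSubject)."""

    def __init__(self) -> None:
        self._rows: Dict[Tuple[Party, Party], int] = {}

    def create_row(self, target: Party, subject: Party) -> None:
        """A new row starts with the DEFVAL."""
        self._rows[(target, subject)] = DEFAULT_PRIVILEGES

    def set_privileges(self, target: Party, subject: Party, value: int) -> None:
        decode_privileges(value)            # validate before storing
        self._rows[(target, subject)] = value

    def privileges(self, target: Party, subject: Party) -> int:
        # Assumption: a pair without a row has the null set of privileges.
        return self._rows.get((target, subject), 0)

    def is_permitted(self, target: Party, subject: Party, pdu_type: str) -> bool:
        """May `target` perform an operation that `subject` requests with
        a PDU of type `pdu_type`?"""
        return bool(self.privileges(target, subject) & privilege_value(pdu_type))


def acl_demo() -> Dict[str, bool]:
    """Constructed scenario: an agent party constrained by a manager party
    holding the default privileges.  Returns permission per PDU type."""
    agent = (1, 3, 6, 1, 6, 3, 3, 1, 3, 192, 0, 2, 1, 1)     # constructed aclTarget
    manager = (1, 3, 6, 1, 6, 3, 3, 1, 3, 192, 0, 2, 2, 1)   # constructed aclSubject
    acl = AclTable()
    acl.create_row(agent, manager)          # Get, GetNext, Trap
    return {t: acl.is_permitted(agent, manager, t) for t in PDU_TAGS}
```

          Note that the default of 19 lets the subject read and walk the
          target's view but not modify it; granting Set (adding 8) is a
          deliberate decision per (target, subject) pair.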
          
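          Finally, an added Python model of viewTable (again not from the
          draft) shows how a party's MIB view is represented as a set of
          mutually disjoint subtrees: membership of an object in a subtree
          is an OBJECT IDENTIFIER prefix test, the disjointness
          requirement is enforced when a row is added, and the DEFVAL of
          viewSubtree is taken to be mib, i.e. { mgmt 1 } = 1.3.6.1.2.1
          from RFC 1155 [3].  The party identifiers and the subtrees used
          in the demonstration are constructed sample values, and
          rejecting an overlapping subtree with an error is this model's
          choice.

```python
from typing import Dict, List, Tuple

# Added example, not part of the draft: a party's MIB view as disjoint subtrees.

Party = Tuple[int, ...]
Oid = Tuple[int, ...]

# DEFVAL { mib }: the mib subtree of RFC 1155 [3], { mgmt 1 } = 1.3.6.1.2.1.
MIB: Oid = (1, 3, 6, 1, 2, 1)


def parse_oid(dotted: str) -> Oid:
    """Turn '1.3.6.1.2.1.1.1.0' into a tuple of sub-identifiers."""
    return tuple(int(x) for x in dotted.split("."))


def in_subtree(oid: Oid, subtree: Oid) -> bool:
    """An OID lies in a subtree iff the subtree's OID is a prefix of it."""
    return len(oid) >= len(subtree) and oid[: len(subtree)] == subtree


class ViewTable:
    """Model of viewTable, indexed by (viewParty, viewSubtree)."""

    def __init__(self) -> None:
        self._views: Dict[Party, List[Oid]] = {}

    def overlaps(self, party: Party, subtree: Oid) -> bool:
        """True if `subtree` contains, or is contained in, a subtree already
        in the party's view (i.e. adding it would break disjointness)."""
        return any(in_subtree(subtree, s) or in_subtree(s, subtree)
                   for s in self._views.get(party, []))

    def add_subtree(self, party: Party, subtree: Oid = MIB) -> None:
        """Add a row; subtrees of one party must be mutually disjoint."""
        if self.overlaps(party, subtree):
            raise ValueError(f"{subtree} overlaps an existing view subtree")
        self._views.setdefault(party, []).append(subtree)

    def subtrees(self, party: Party) -> List[Oid]:
        return list(self._views.get(party, []))

    def contains(self, party: Party, oid: Oid) -> bool:
        """Is `oid` within the party's single MIB view?"""
        return any(in_subtree(oid, s) for s in self._views.get(party, []))


def view_demo() -> Dict[str, Tuple[bool, bool]]:
    """Two constructed parties: one sees all of mib, the other only the
    system and interfaces groups.  Returns, per probed object,
    (visible to the wide party, visible to the narrow party)."""
    wide = (1, 3, 6, 1, 6, 3, 3, 1, 3, 192, 0, 2, 1, 1)      # constructed party id
    narrow = (1, 3, 6, 1, 6, 3, 3, 1, 3, 192, 0, 2, 1, 2)    # constructed party id
    views = ViewTable()
    views.add_subtree(wide)                                  # DEFVAL: mib
    views.add_subtree(narrow, parse_oid("1.3.6.1.2.1.1"))    # system group
    views.add_subtree(narrow, parse_oid("1.3.6.1.2.1.2"))    # interfaces group
    probes = {
        "sysDescr.0": "1.3.6.1.2.1.1.1.0",
        "ifNumber.0": "1.3.6.1.2.1.2.1.0",
        "ipForwarding.0": "1.3.6.1.2.1.4.1.0",
        "enterprise object": "1.3.6.1.4.1.99.1.0",           # constructed OID
    }
    return {name: (views.contains(wide, parse_oid(o)), views.contains(narrow, parse_oid(o)))
            for name, o in probes.items()}
```

          A request from a subject party is thus checked twice: the
          aclPrivileges entry decides whether the PDU type is allowed at
          all, and the target party's view decides which objects that
          operation may touch.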
          
          7.  Acknowledgments
          
          This document was produced on behalf of the SNMP Security
          Working Group of the Internet Engineering Task Force.  The
          authors wish to thank the members of the working group, and
          others who contributed to this effort:
          
          
          8.  References
          
          [1]  V. Cerf, IAB Recommendations for the Development of
               Internet Network Management Standards.  Internet Working
               Group Request for Comments 1052.  Network Information
               Center, SRI International, Menlo Park, California,
               (April, 1988).
          
          [2]  V. Cerf, Report of the Second Ad Hoc Network Management
               Review Group, Internet Working Group Request for Comments
               1109.  Network Information Center, SRI International,
               Menlo Park, California, (August, 1989).
          
          [3]  M.T. Rose and K. McCloghrie, Structure and Identification
               of Management Information for TCP/IP-based internets,
               Internet Working Group Request for Comments 1155.
               Network Information Center, SRI International, Menlo
               Park, California, (May, 1990).
          
          [4]  K. McCloghrie and M.T. Rose, Management Information Base
               for Network Management of TCP/IP-based internets,
               Internet Working Group Request for Comments 1156.
               Network Information Center, SRI International, Menlo
               Park, California, (May, 1990).
          
          [5]  J.D. Case, M.S. Fedor, M.L. Schoffstall, and J.R. Davin,
               Simple Network Management Protocol, Internet Working
               Group Request for Comments 1157.  Network Information
               Center, SRI International, Menlo Park, California, (May,
               1990).
          
          [6]  K. McCloghrie, M.T. Rose (editors), Management
               Information Base for Network Management of TCP/IP-based
               internets, Internet Working Group Request for Comments
               1213.  Network Information Center, SRI International,
               Menlo Park, California, (March, 1991).
          
          [7]  Information processing systems - Open Systems
               Interconnection - Specification of Abstract Syntax
               Notation One (ASN.1), International Organization for
               Standardization.  International Standard 8824, (December,
               1987).
          
          [8]  Information processing systems - Open Systems
               Interconnection - Specification of Basic Encoding Rules
               for Abstract Notation One (ASN.1), International
               Organization for Standardization.  International Standard
               8825, (December, 1987).
          
          [9]  M.T. Rose, K. McCloghrie (editors), Concise MIB
               Definitions, Internet Working Group Request for Comments
               1212.  Network Information Center, SRI International,
               Menlo Park, California, (March, 1991).
          
          [10] J.R. Davin, SNMP Administrative Model, Internet Draft,
               Internet Engineering Task Force, (April, 1991).
          
          [11] J.M. Galvin, K. McCloghrie, J.R. Davin, SNMP Security
               Protocol, Internet Draft, Internet Engineering Task
               Force, (April, 1991).
          
          Table of Contents
          
          
          1 Abstract ..............................................    1
          2 Status of this Memo ...................................    1
          3 Historical Perspective ................................    2
          4 Objects ...............................................    4
          4.1 Format of Definitions ...............................    4
          5 Overview ..............................................    5
          5.1 Structure ...........................................    5
          5.2 Textual Conventions .................................    5
          6 Definitions ...........................................    6
          6.1 The SNMP Party Public Database ......................   12
          6.2 The SNMP Party Private Database .....................   16
          6.3 The SNMP Access Privileges Database .................   18
          6.4 The MIB View Database ...............................   20
          7 Acknowledgments .......................................   22
          8 References ............................................   23