blank.gif (43 bytes)

Church Of The
Swimming Elephant

5.5. Crash Recovery Connected: An Internet Encyclopedia
5.5. Crash Recovery

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1446
Up: 5. Clock and Secret Distribution
Prev: 5.4. Secret Distribution
Next: 6. Security Considerations

5.5. Crash Recovery

5.5. Crash Recovery

This section describes the requirements for SNMPv2 protocol entities in connection with recovery from system crashes or other service interruptions.

For each SNMPv2 party in the local database for a particular SNMPv2 entity, its identity, authentication clock, private authentication key, and private privacy key must enjoy non- volatile, incorruptible representations. If possible, lifetime should also enjoy a non-volatile, incorruptible representation. If said SNMPv2 entity supports other security protocols or algorithms in addition to the two defined in this memo, then the authentication protocol and the privacy protocol for each party also require non-volatile, incorruptible representation.

The authentication clock of a SNMPv2 party is a critical component of the overall security of the protocols. The inclusion of a reliable representation of a clock in a SNMPv2 entity is required for overall security. A reliable clock representation ensures that a clock's value is monotonically increasing, even across a power loss or other system failure of the local SNMPv2 entity. One example of a reliable clock representation is that provided by battery-powered clock- calendar devices incorporated into some contemporary systems. Another example is storing and updating a clock value in non- volatile storage at a frequency of once per U (e.g., 24) hours, and re-initialising that clock value on every reboot as the stored value plus U+1 hours. It is assumed that management stations always support reliable clock representations, where clock adjustment by a human operator during crash recovery may contribute to that reliability.

If a managed agent crashes and does not reboot in time for its responsible management station to prevent its authentication clock from reaching its maximal value, upon reboot the clock must be halted at its maximal value. The procedures specified in Section 5.3 would then apply.

Upon recovery, those attributes of each SNMPv2 party that do not enjoy non-volatile or reliable representation are initialized as follows.

  • If the private authentication key is not the OCTET STRING of zero length, the authentication protocol is set to identify use of the Digest Authentication Protocol in conjunction with the algorithm specified in Section 1.5.1.

  • If the lifetime is not retained, it should be initialized to zero.

  • If the private privacy key is not the OCTET STRING of zero length, the privacy protocol is set to identify use of the Symmetric Privacy Protocol in conjunction with the algorithm specified in Section 1.5.2.

Upon detecting that a managed agent has rebooted, a responsible management station must reset all other party attributes, including the lifetime if it was not retained. In order to reset the lifetime, the responsible management station should set the authentication timestamp in the message to the sum of the authentication clock and desired lifetime. This is an artificial advancement of the authentication timestamp in order to guarantee the message will be authentic when received by the recipient.

Next: 6. Security Considerations

Connected: An Internet Encyclopedia
5.5. Crash Recovery


Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

Have you gone to church today?
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609