blank.gif (43 bytes)

Church Of The
Swimming Elephant

6.3.2. Data Integrity Mechanism Connected: An Internet Encyclopedia
6.3.2. Data Integrity Mechanism

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1446
Up: 6. Security Considerations
Up: 6.3. Protocol Correctness
Prev: 6.3.1. Clock Monotonicity Mechanism
Next: 6.3.3. Data Origin Authentication Mechanism

6.3.2. Data Integrity Mechanism

6.3.2. Data Integrity Mechanism

The protocols require computation of a message digest computed over the SNMPv2 message prepended by the secret for the relevant party. By virtue of this mechanism and assumptions 1 and 2, the protocols realize goal 1.

Normally, the inclusion of the message digest value with the digested message would not be sufficient to guarantee data integrity, since the digest value can be modified in addition to the message while it is enroute. However, since not all of the digested message is included in the transmission to the destination, it is not possible to substitute both a message and a digest value while enroute to a destination.

Strictly speaking, the specified strategy for data integrity does not detect a SNMPv2 message modification which appends extraneous material to the end of such messages. However, owing to the representation of SNMPv2 messages as ASN.1 values, such modifications cannot - consistent with goal 1 - result in unauthorized management operations.

The data integrity mechanism specified in this memo protects only against unauthorized modification of individual SNMPv2 messages. A more general data integrity service that affords protection against the threat of message stream modification is not realized by this mechanism, although limited protection against reordering, delay, and duplication of messages within a message stream are provided by other mechanisms of the protocol.

Next: 6.3.3. Data Origin Authentication Mechanism

Connected: An Internet Encyclopedia
6.3.2. Data Integrity Mechanism


Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

Have you gone to church today?
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609