blank.gif (43 bytes)

Church Of The
Swimming Elephant

Search:
6.3.6. Selective Clock Acceleration Mechanism Connected: An Internet Encyclopedia
6.3.6. Selective Clock Acceleration Mechanism

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1446
Up: 6. Security Considerations
Up: 6.3. Protocol Correctness
Prev: 6.3.5. Message Timeliness Mechanism
Next: 6.3.7. Confidentiality Mechanism

6.3.6. Selective Clock Acceleration Mechanism

6.3.6. Selective Clock Acceleration Mechanism

The definition of the SNMPv2 security protocols requires that, if either of the timestamp values for the originating or receiving parties on a received, validated message exceeds the corresponding local notion of the clock for that party, then the local notion of the clock for that party is adjusted forward to correspond to said timestamp value. This mechanism is neither strictly necessary nor sufficient to the security of the protocol; rather, it fosters the clock synchronization on which valid message delivery depends - thereby enhancing the effectiveness of the protocol in a management context.

        if (msgIsValidated) {
               if (timestampOfReceivedMsg >
                     party->localNotionOfClock) {
                     party->localNotionOfClock =
                           timestampOfReceivedMsg;
               }
        }

The effect of this mechanism is to synchronize local notions of a party clock more closely in the case where a sender's notion is more advanced than a receiver's. In the opposite case, this mechanism has no effect on local notions of a party clock and either the received message is validly delivered or not according to other mechanisms of the protocol.

Operation of this mechanism does not, in general, improve the probability of validated delivery for messages generated by party participants whose local notion of the party clock is relatively less advanced. In this case, queries from a management station may not be validly delivered and the management station needs to react appropriately (e.g., by use of the strategy described in section 5.3). In contrast, the delivery of SNMPv2 trap messages generated by an agent that suffers from a less advanced notion of a party clock is more problematic, for an agent may lack the capacity to recognize and react to security failures that prevent delivery of its messages. Thus, the inherently unreliable character of trap messages is likely to be compounded by attempts to provide for their validated delivery.


Next: 6.3.7. Confidentiality Mechanism

Connected: An Internet Encyclopedia
6.3.6. Selective Clock Acceleration Mechanism

Cotse.Net

Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

 
.
www.cotse.com
Have you gone to church today?
.
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 Cotse.com.
Cotse.com is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609