blank.gif (43 bytes)

Church Of The
Swimming Elephant

Search:
1.5. Mechanisms Connected: An Internet Encyclopedia
1.5. Mechanisms

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1446
Up: 1. Introduction
Prev: 1.4. Security Services
Next: 1.5.1. Message Digest Algorithm

1.5. Mechanisms

1.5. Mechanisms

The security protocols defined in this memo employ several types of mechanisms in order to realize the goals and security services described above:

  • In support of data integrity, a message digest algorithm is required. A digest is calculated over an appropriate portion of a SNMPv2 message and included as part of the message sent to the recipient.

  • In support of data origin authentication and data integrity, the portion of a SNMPv2 message that is digested is first prefixed with a secret value shared by the originator of that message and its intended recipient.

  • To protect against the threat of message delay or replay, (to an extent greater than can occur through normal operation), a timestamp value is included in each message generated. A recipient evaluates the timestamp to determine if the message is recent. This protection against the threat of message delay or replay does not imply nor provide any protection against unauthorized deletion or suppression of messages. Other mechanisms defined independently of the security protocol can also be used to detect message replay (e.g., the request-id [2]), or for set operations, the re-ordering, replay, deletion, or suppression of messages (e.g., the MIB variable snmpSetSerialNo [14]).

  • In support of data confidentiality, a symmetric encryption algorithm is required. An appropriate portion of the message is encrypted prior to being transmitted to its recipient.

The security protocols in this memo are defined independently of the particular choice of a message digest and encryption algorithm - owing principally to the lack of a suitable metric by which to evaluate the security of particular algorithm choices. However, in the interests of completeness and in order to guarantee interoperability, Sections 1.5.1 and 1.5.2 specify particular choices, which are considered acceptably secure as of this writing. In the future, this memo may be updated by the publication of a memo specifying substitute or alternate choices of algorithms, i.e., a replacement for or addition to the sections below.


Next: 1.5.1. Message Digest Algorithm

Connected: An Internet Encyclopedia
1.5. Mechanisms

Cotse.Net

Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

 
.
www.cotse.com
Have you gone to church today?
.
All pages İ1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephantİ1999, 2000, 2001, 2002, 2003 Cotse.com.
Cotse.com is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609