blank.gif (43 bytes)

Church Of The
Swimming Elephant

Search:
2. SNMPv2 Party Connected: An Internet Encyclopedia
2. SNMPv2 Party

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1446
Prev: 1.5.2. Symmetric Encryption Algorithm
Next: 3. Digest Authentication Protocol

2. SNMPv2 Party

2. SNMPv2 Party

Recall from [1] that a SNMPv2 party is a conceptual, virtual execution context whose operation is restricted (for security or other purposes) to an administratively defined subset of all possible operations of a particular SNMPv2 entity. A SNMPv2 entity is an actual process which performs network management operations by generating and/or responding to SNMPv2 protocol messages in the manner specified in [12]. Architecturally, every SNMPv2 entity maintains a local database that represents all SNMPv2 parties known to it.

A SNMPv2 party may be represented by an ASN.1 value with the following syntax:

        SnmpParty ::= SEQUENCE {
          partyIdentity
             OBJECT IDENTIFIER,
          partyTDomain
             OBJECT IDENTIFIER,
          partyTAddress
             OCTET STRING,
          partyMaxMessageSize
             INTEGER,
          partyAuthProtocol
             OBJECT IDENTIFIER,
          partyAuthClock
             INTEGER,
          partyAuthPrivate
             OCTET STRING,
          partyAuthPublic
             OCTET STRING,
          partyAuthLifetime
             INTEGER,
          partyPrivProtocol
             OBJECT IDENTIFIER,
          partyPrivPrivate
             OCTET STRING,
          partyPrivPublic
             OCTET STRING
        }

For each SnmpParty value that represents a SNMPv2 party, the generic significance of each of its components is defined in [1]. For each SNMPv2 party that supports the generation of messages using the Digest Authentication Protocol, additional, special significance is attributed to certain components of that party's representation:

  • Its partyAuthProtocol component is called the authentication protocol and identifies a combination of the Digest Authentication Protocol with a particular digest algorithm (such as that defined in Section 1.5.1). This combined mechanism is used to authenticate the origin and integrity of all messages generated by the party.

  • Its partyAuthClock component is called the authentication clock and represents a notion of the current time that is specific to the party.

  • Its partyAuthPrivate component is called the private authentication key and represents any secret value needed to support the Digest Authentication Protocol and associated digest algorithm.

  • Its partyAuthPublic component is called the public authentication key and represents any public value that may be needed to support the authentication protocol. This component is not significant except as suggested in Section 5.4.

  • Its partyAuthLifetime component is called the lifetime and represents an administrative upper bound on acceptable delivery delay for protocol messages generated by the party.

For each SNMPv2 party that supports the receipt of messages via the Symmetric Privacy Protocol, additional, special significance is attributed to certain components of that party's representation:

  • Its partyPrivProtocol component is called the privacy protocol and identifies a combination of the Symmetric Privacy Protocol with a particular encryption algorithm (such as that defined in Section 1.5.2). This combined mechanism is used to protect from disclosure all protocol messages received by the party.

  • Its partyPrivPrivate component is called the private privacy key and represents any secret value needed to support the Symmetric Privacy Protocol and associated encryption algorithm.

  • Its partyPrivPublic component is called the public privacy key and represents any public value that may be needed to support the privacy protocol. This component is not significant except as suggested in Section 5.4.


Next: 3. Digest Authentication Protocol

Connected: An Internet Encyclopedia
2. SNMPv2 Party

Cotse.Net

Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

 
.
www.cotse.com
Have you gone to church today?
.
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 Cotse.com.
Cotse.com is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609