Editor's Note:  Minutes received 12/2/92

CURRENT_MEETING_REPORT_

Reported by James Galvin/TIS

Minutes of the SNMP Security Working Group (SNMPSEC)

The meeting was called to order at 4:00 p.m.  on November 17th.  The
Agenda was reviewed and accepted as presented.  It was mentioned that
the Charter was revised to reflect the need to align with SNMP version
2; there were no comments on the Charter as distributed to the mailing
list.  Finally, it was noted that the Security Area has been alerted to
the aggressive schedule we have planned and has been requested to
provide a security review of the soon to be revised documents as soon as
possible.

The following editorial changes were approved for all three documents:
        - change all references to SNMP to SNMPv2.
        - change all references to "Internet-standard Network Management
          Framework" to "SNMPv2 Framework".
        - change all references to "rfc1351Domain" to "snmpUDPDomain".
        - change the MIB to IMPORT from the SNMPv2 protocol operations
          document.
        - clarify the viewTable description when viewMask contains bits
          set to 0.
        - clarify in the MIB which default party identifiers execute at
          an agent and which execute at a management station.
        - clarify that the "a.b.c.d" in the initial party identifiers is
          always the agent's IP address.
        - clarify the text in the SMP introductory document that
          explains the relationship between initial parties 3 and 4 and
          initial parties 5 and 6.

The following technical clarifications were suggested and approved:
        - add a field to the partyTable to indicate if this party entry
          operates in the role of a management station or an agent.
        - change the sequence of steps in the authentication protocol so
          that the party clocks are not advanced until after the access
          control check is done; otherwise it is possible for authentic
          parties to advance the clocks of parties to which they do not
          have access.
        - change the initial party configurations such that the sending
          of traps is only required for the noAuth/noPriv parties.
        - explicitly note that agents may send responses to queries
          without checking the ACL table.
        - explicitly state the initial parties are required to exist
          "out of the box".
        - explicitly state that parties in an aclTable entry must use
          identical authentication protocols; this is inferred by the
          requirement that privacy not be supported without
          authentication but not stating it allows a noAuth/noPriv party
          to send requests to a party supporting privacy, which can not
          be properly encoded.
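The ordering change approved above (party clocks advanced only after the access control check) is easier to see in code. The following is an added toy model of an agent's receive path, written for these minutes; it is not RFC 1351 code and does not reproduce the real authentication or clock-synchronization rules. Its assumptions: authenticity is modelled as a shared-secret match plus a timestamp within the destination party's lifetime window, the clock advanced is the destination party's, and the party names, keys and clock values are constructed.

```python
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

# Constructed toy model of an agent's receive path; not RFC 1351 code.


@dataclass
class Party:
    name: str
    clock: int        # the agent's stored clock for this party
    key: bytes        # toy stand-in for the shared authentication secret
    lifetime: int     # tolerated distance between message timestamp and clock


@dataclass
class Message:
    src: str
    dst: str
    timestamp: int    # clock value carried in the message
    key: bytes        # toy stand-in for the authentication digest


class Agent:
    def __init__(self, parties: List[Party], acl: List[Tuple[str, str]]):
        self.parties: Dict[str, Party] = {p.name: p for p in parties}
        self.acl: Set[Tuple[str, str]] = set(acl)   # permitted (src, dst) pairs

    def is_authentic(self, msg: Message) -> bool:
        src = self.parties.get(msg.src)
        dst = self.parties.get(msg.dst)
        if src is None or dst is None:
            return False
        # Toy check: correct secret and a timestamp inside the lifetime window
        # around the clock the agent holds for the destination party (assumption).
        return msg.key == src.key and abs(msg.timestamp - dst.clock) <= dst.lifetime

    def is_authorized(self, msg: Message) -> bool:
        return (msg.src, msg.dst) in self.acl

    def advance_clock(self, msg: Message) -> None:
        # Clock synchronization: clocks only ever move forward.
        dst = self.parties[msg.dst]
        if msg.timestamp > dst.clock:
            dst.clock = msg.timestamp

    def receive_old_order(self, msg: Message) -> str:
        """Ordering the group rejected: clock sync before the access check."""
        if not self.is_authentic(msg):
            return "drop: not authentic"
        self.advance_clock(msg)             # state already changed here...
        if not self.is_authorized(msg):
            return "drop: not authorized"   # ...even though the message is dropped
        return "accept"

    def receive_new_order(self, msg: Message) -> str:
        """Approved ordering: no clock change until the access check passes."""
        if not self.is_authentic(msg):
            return "drop: not authentic"
        if not self.is_authorized(msg):
            return "drop: not authorized"   # nothing about agentB has changed
        self.advance_clock(msg)
        return "accept"


def make_agent() -> Agent:
    # Constructed configuration: "mgr" holds a valid key but has access to
    # "agentA" only; there is no (mgr, agentB) entry in the ACL.
    return Agent(
        parties=[Party("mgr", 1000, b"k-mgr", 300),
                 Party("agentA", 1000, b"k-a", 300),
                 Party("agentB", 1000, b"k-b", 300)],
        acl=[("mgr", "agentA")],
    )


def unauthorized_sender(ordering: str) -> Tuple[int, List[str]]:
    """mgr sends three authentic messages to agentB, each timestamped at the
    edge of agentB's window. Returns agentB's final clock and the verdicts."""
    agent = make_agent()
    receive = getattr(agent, f"receive_{ordering}_order")
    verdicts = []
    for _ in range(3):
        t = agent.parties["agentB"].clock + 300
        verdicts.append(receive(Message("mgr", "agentB", t, b"k-mgr")))
    return agent.parties["agentB"].clock, verdicts


def authorized_sender(ordering: str) -> Tuple[int, str]:
    """The permitted pair (mgr, agentA) behaves the same under both orderings."""
    agent = make_agent()
    receive = getattr(agent, f"receive_{ordering}_order")
    verdict = receive(Message("mgr", "agentA", 1200, b"k-mgr"))
    return agent.parties["agentA"].clock, verdict


if __name__ == "__main__":
    print("old ordering:", unauthorized_sender("old"))   # clock creeps to 1900
    print("new ordering:", unauthorized_sender("new"))   # clock stays at 1000
```

Under the old ordering every rejected message still moves agentB's clock forward by up to one lifetime, so a party with no access to agentB can walk its clock arbitrarily far ahead; under the approved ordering the same messages are rejected with no side effect, and the permitted pair is unaffected either way.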
The following technical changes are required or are enhancements
resulting from the SNMPv2 proposals:
        - make use of the authorizationError response.
        - change the aclPrivileges object to support the new PDU types.
        - update the access control parameters for the initial party
          identifiers.
        - update the initial MIB views for the initial party identifiers.
        - update the status objects to use the new textual conventions.
        - drop the use of the ordered delivery mechanism; this includes
          omitting "nonce", "last-timestamp", and the steps in the
          authentication protocol that operate with them.
The following technical changes were discussed and approved:
        - make the privacy protocol optional and note that it is only
          required for new party creation and in those configurations
          where information disclosure is prohibited; this allows
          implementations to claim conformance if they support at least
          authentication and integrity.
        - to simplify agent implementations they are not required to
          support instance level access control.
        - make the clock synchronization algorithm symmetric; this
          simplifies the clock synchronization requirements; the
          processing currently applied to the originating party's clock
          also applies to the receiver's clock, the receiver's
          (destination) clock is also included in the message, and there
          is a new AuthInformation data type to accommodate these
          changes; the format of the new AuthInformation will have the
          destination clock first and the source clock next, so as to be
          in the same order as the destination and source parties occur
          in the message.


There were three outstanding issues after the meetings closed for the
week:


  1. Compliance Levels for Party MIBs with the new SNMPv2 compliance
     macros; it is necessary that compliance levels be specified for the
     party MIB; a proposal to specify three such levels was made.

  2. Party Creation without DES; a new proposal was distributed, and
     presented at the meeting, detailing mechanisms by which parties
     could be "cloned" from other parties, both to allow party creation
     without DES and to allow systems with limited NVRAM to support
     temporary parties which would be re-created after each reboot.

  3. Party Proliferation; "proliferation of parties" had been passed to
     this Working Group from the SNMPv2 Working Group as a problem to be
     solved; two different presentations were made on this issue; one
     detailed mechanisms to reduce the amount of NVRAM required to
     support SNMP Security through a reduction in the number of parties
     and a recasting of the tables in the Party MIB; the other
     presentation, with the same aims, suggested that spatial and
     temporal semantics should be embodied in the Management Information
     model, which therefore argued against some of the MIB recasting of
     the first proposal.


These three issues were left unresolved due to a lack of time and due to
their inter-dependence (e.g., the number and types of compliance levels
depend on whether DES is required for party creation).

Attendees

Steve Alexander          stevea@i88.isc.com
David Arneson            arneson@ctron.com
Jim Barnes               barnes@xylogics.com
Andy Bierman             abierman@synoptics.com
Fred Bohle               fab@interlink.com
Vickie Brown             brown@osi540sn.gsfc.nasa.gov
J. Nevil Brownlee        nevil@aukuni.ac.uz
Theodore Brunner         tob@thumper.bellcore.com
Matthew Busche           mtb@anchor.ho.att.com
Stephen Bush             sfb@ncoast.org
Dilip Chatwani           dilip@synoptics.com
Szusin Chen              szusin.chen@eng.sun.com
Robert Ching             rching@nat.com
Chris Chiotasso          chris@andr.ub.com
Bobby Clay               clay@eagle.msfc.nasa.gov
Tracy Cox                tacox@sabre.bellcore.com
Juan Cruz                juan@dss.com
Dave Cullerot            cullerot@ctron.com
Cathy Cunningham         cmc@microcom.com
James Davin              davin@bellcore.com
Cynthia Della Torre      cindy@gateway.mitre.org
Art Dertke               dertke@gateway.mitre.org
Manuel Diaz              diaz@davidsys.com
William Edison
David Engel              david@ods.com
Raphael Freiwirth        5242391@mcimail.com
James Galvin             galvin@tis.com
Richard Graveman         rfg@ctt.bellcore.com
Maria Greene             mngreene@eng.xyplex.com
Pete Grillo              pl0143@mail.psi.net
Michel Guittet           guittet1@applelink.apple.com
Ed Heiner                eah@pau.synnet.com
Ken Hirata               khirata@emulex.com
Gerd Holzhauer           holzhauer1@applelink.apple.com
John Hopprich            hopprich@davidsys.com
Kevin Jackson            kmj@concord.com
Bob Jeckell              rrj@3com.com
Mark Kepke               mak@cnd.hp.com
John Kimmins             kimm@ctt.bellcore.com
Keith Klamm              klamm@ods.com
Andrew Knutsen           andrewk@sco.com
Michael Kornegay         mlk@bir.com
Deirdre Kostick          dck2@sabre.bellcore.com
David Lin                lind@janus-ccm.zenith.com
David Lindemulder        dcl@mtung.att.com
John Linn                linn@erlang.enet.dec.com
Benjamin Lisowski        Ben.Lisowski@sprint.sprint.com
John Lunny               jlunny@twg.com
Carl Madison             carl@startek.com
Keith McCloghrie         kzm@hls.com
Evan McGinnis            bem@3com.com
Donna McMaster           mcmaster@synoptics.com
Douglas Miller           dmm@telebit.com
David Minnich            dwm@fibercom.com
Mohammad Mirhakkak       mmirhakk@mitre.org
George Mouradian         gvm@arch3.att.com
Patrick Mullaney         mullaney@ctron.com
Daniel Myers             dan@nsd.3com.com
Rina Nathaniel           rina!rnd!rndi@uunet.uu.net
Bill Norton              wbn@merit.edu
Steven Onishi            sonishi@wellfleet.com
David Perkins            dperkins@synoptics.com
Ilan Raab                iraab@synoptics.com
Richard Ramos            ramos@mtunm.att.com
Venkat Rangan            venkat@geoduck.matrix.com
Louise Reingold          l.reingold@sprint.sprint.com
Sam Roberts              sroberts@farallon.com
Kary Robertson           kr@concord.com
Dan Romascanu            dan@lannet.com
Avraham Rosenbach        armon@armon.hellnet.org
Shawn Routhier           sar@epilogue.com
Chris Rozman             chrisr@usr.com
Assaf Rubissa            asaf@fibhaifa.com
Jon Saperia              saperia@tcpjon.ogo.dec.com
Michael Scanlon          scanlon@interlan.com
Sam Schaen               schaen@mitre.org
Jim Scott                scott@kali.enet.dec.com
John Seligson            johns@ultra.com
Timon Sloane             timon@rahul.net
Robert Snyder            snyder@cisco.com
Roy Spitzer              roy.spitzer@sprint.com
Bob Stewart              rlstewart@eng.xyplex.com
Kaj Tesink               kaj@cc.bellcore.com
Dean Throop              throop@dg-rtp.dg.com
Warren Vik               wmv@i88.isc.com
Ioannis Viniotis         candice@ececho.ncsu.edu
Steven Waldbusser        waldbusser@andrew.cmu.edu
Alice Wang               alice.wang@eng.sun.com
Gerry White              gerry@lancity.com
Peter Wilson             peter_wilson@3com.com
Steven Wong              wong@took.enet.dec.com
Randall Worzella         worzella@ralvm29.unet.ibm.com
Daniel Woycke            woycke@smiley.mitre.org
Kiho Yum                 kxy@nsd.3com.com