| partyIdentity |
.1.3.6.1.2.1.20.2.1.1.1 |
|
A party identifier uniquely identifying a
particular SNMP party.
|
| partyTDomain |
.1.3.6.1.2.1.20.2.1.1.2 |
|
Indicates the kind of transport service by which
the party receives network management traffic. An
example of a transport domain is 'rfc1351Domain'
(SNMP over UDP).
|
| partyTAddress |
.1.3.6.1.2.1.20.2.1.1.3 |
|
The transport service address by which the party
receives network management traffic, formatted
according to the corresponding value of
partyTDomain. For rfc1351Domain, partyTAddress is
formatted as a 4-octet IP Address concatenated
with a 2-octet UDP port number.
|
| partyProxyFor |
.1.3.6.1.2.1.20.2.1.1.4 |
|
The identity of a second SNMP party or other
management entity with which interaction may be
necessary to satisfy received management requests.
In this context, the distinguished value { noProxy
} signifies that the party responds to received
management requests by entirely local mechanisms.
|
| partyAuthProtocol |
.1.3.6.1.2.1.20.2.1.1.5 |
|
The authentication protocol by which all messages
generated by the party are authenticated as to
origin and integrity. In this context, the value
{ noAuth } signifies that messages generated by
the party are not authenticated.
|
| partyAuthClock |
.1.3.6.1.2.1.20.2.1.1.6 |
|
The authentication clock which represents the
local notion of the current time specific to the
party. This value must not be decremented unless
the party's secret information is changed
simultaneously, at which time the party's nonce
and last-timestamp values must also be reset to
zero, and the new value of the clock,
respectively.
|
| partyAuthPublic |
.1.3.6.1.2.1.20.2.1.1.7 |
|
A publically-readable value for the party.
Depending on the party's authentication protocol,
this value may be needed to support the party's
authentication protocol. Alternatively, it may be
used by a manager during the procedure for
altering secret information about a party. (For
example, by altering the value of an instance of
this object in the same SNMP Set-Request used to
update an instance of partyAuthPrivate, a
subsequent Get-Request can determine if the Set-
Request was successful in the event that no
response to the Set-Request is received, see RFC
1352.)
The length of the value is dependent on the
party's authentication protocol. If not used by
the authentication protocol, it is recommended
that agents support values of any length up to and
including the length of the corresponding
partyAuthPrivate object.
|
| partyAuthLifetime |
.1.3.6.1.2.1.20.2.1.1.8 |
|
The lifetime (in units of seconds) which
represents an administrative upper bound on
acceptable delivery delay for protocol messages
generated by the party.
|
| partyPrivProtocol |
.1.3.6.1.2.1.20.2.1.1.9 |
|
The privacy protocol by which all protocol
messages received by the party are protected from
disclosure. In this context, the value { noPriv }
signifies that messages received by the party are
not protected.
|
| partyPrivPublic |
.1.3.6.1.2.1.20.2.1.1.10 |
|
A publically-readable value for the party.
Depending on the party's privacy protocol, this
value may be needed to support the party's privacy
protocol. Alternatively, it may be used by a
manager as a part of its procedure for altering
secret information about a party. (For example,
by altering the value of an instance of this
object in the same SNMP Set-Request used to update
an instance of partyPrivPrivate, a subsequent
Get-Request can determine if the Set-Request was
successful in the event that no response to the
Set-Request is received, see RFC 1352.)
The length of the value is dependent on the
party's privacy protocol. If not used by the
privacy protocol, it is recommended that agents
support values of any length up to and including
the length of the corresponding partyPrivPrivate
object.
|
| partyMaxMessageSize |
.1.3.6.1.2.1.20.2.1.1.11 |
|
The maximum length in octets of a SNMP message
which this party will accept. For parties which
execute at an agent, the agent initializes this
object to the maximum length supported by the
agent, and does not let the object be set to any
larger value. For parties which do not execute at
the agent, the agent must allow the manager to set
this object to any legal value, even if it is
larger than the agent can generate.
|
| partyStatus |
.1.3.6.1.2.1.20.2.1.1.12 |
|
The status of the locally-held information on a
particular SNMP party.
The instance of this object for a particular party
and the instance of partySecretsStatus for the
same party always have the same value.
This object will typically provide unrestricted
read-only access to the status of parties. In
contrast, partySecretsStatus will typically
provide restricted read-write access to the status
of parties.
|
| partySecretsIdentity |
.1.3.6.1.2.1.21.1.1.1.1 |
|
A party identifier uniquely identifying a
particular SNMP party.
|
| partySecretsAuthPrivate |
.1.3.6.1.2.1.21.1.1.1.2 |
|
An encoding of the party's private authentication
key which may be needed to support the
authentication protocol. Although the value of
this variable may be altered by a management
operation (e.g., a SNMP Set-Request), its value
can never be retrieved by a management operation:
when read, the value of this variable is the zero
length OCTET STRING.
The private authentication key is NOT directly
represented by the value of this variable, but
rather it is represented according to an encoding.
This encoding is the bitwise exclusive-OR of the
old key with the new key, i.e., of the old private
authentication key (prior to the alteration) with
the new private authentication key (after the
alteration). Thus, when processing a received
protocol Set operation, the new private
authentication key is obtained from the value of
this variable as the result of a bitwise
exclusive-OR of the variable's value and the old
private authentication key. In calculating the
exclusive-OR, if the old key is shorter than the
new key, zero-valued padding is appended to the
old key. If no value for the old key exists, a
zero-length OCTET STRING is used in the
calculation.
|
| partySecretsPrivPrivate |
.1.3.6.1.2.1.21.1.1.1.3 |
|
An encoding of the party's private encryption key
which may be needed to support the privacy
protocol. Although the value of this variable may
be altered by a management operation (e.g., a SNMP
Set-Request), its value can never be retrieved by
a management operation: when read, the value of
this variable is the zero length OCTET STRING.
The private encryption key is NOT directly
represented by the value of this variable, but
rather it is represented according to an encoding.
This encoding is the bitwise exclusive-OR of the
old key with the new key, i.e., of the old private
encryption key (prior to the alteration) with the
new private encryption key (after the alteration).
Thus, when processing a received protocol Set
operation, the new private encryption key is
obtained from the value of this variable as the
result of a bitwise exclusive-OR of the variable's
value and the old private encryption key. In
calculating the exclusive-OR, if the old key is
shorter than the new key, zero-valued padding is
appended to the old key. If no value for the old
key exists, a zero-length OCTET STRING is used in
the calculation.
|
| partySecretsStatus |
.1.3.6.1.2.1.21.1.1.1.4 |
|
The status of the locally-held information on a
particular SNMP party.
Setting an instance of this object to the value
'valid(1)' has the effect of ensuring that valid
local knowledge exists for the corresponding
party. For valid local knowledge to exist, there
must be corresponding instances of each object in
this table and in the partyTable. Thus, the
creation of instances in the partyTable (but not
in the aclTable or viewTable) occurs as a direct
result of the creation of instances in this table.
Setting an instance of this object to the value
'invalid(2)' has the effect of invalidating all
local knowledge of the corresponding party,
including the invalidating of any/all entries in
the partyTable, the partySecretsTable, the
aclTable, and the viewTable which reference said
party.
It is an implementation-specific matter as to
whether the agent removes an invalidated entry
from the table. Accordingly, management stations
must be prepared to receive from agents tabular
information corresponding to entries not currently
in use. Proper interpretation of such entries
requires examination of the relevant
partySecretsStatus object.
|
| aclTarget |
.1.3.6.1.2.1.21.2.1.1.1 |
|
The target SNMP party whose performance of
management operations is constrained by this set
of access privileges.
|
| aclSubject |
.1.3.6.1.2.1.21.2.1.1.2 |
|
The subject SNMP party whose requests for
management operations to be performed is
constrained by this set of access privileges.
|
| aclPrivileges |
.1.3.6.1.2.1.21.2.1.1.3 |
|
The access privileges which govern what
management operations a particular target party
may perform when requested by a particular subject
party. These privileges are specified as a sum of
values, where each value specifies a SNMP PDU type
by which the subject party may request a permitted
operation. The value for a particular PDU type is
computed as 2 raised to the value of the ASN.1
context-specific tag for the appropriate SNMP PDU
type. The values (for the tags defined in RFC
1157) are defined in RFC 1351 as:
Get : 1
GetNext : 2
GetResponse : 4
Set : 8
Trap : 16
The null set is represented by the value zero.
|
| aclStatus |
.1.3.6.1.2.1.21.2.1.1.4 |
|
The status of the access privileges for a
particular requesting SNMP party in accessing a
particular target SNMP party. Setting an instance
of this object to the value 'invalid(2)' has the
effect of invalidating the corresponding access
privileges.
It is an implementation-specific matter as to
whether the agent removes an invalidated entry
from the table. Accordingly, management stations
must be prepared to receive from agents tabular
information corresponding to entries not currently
in use. Proper interpretation of such entries
requires examination of the relevant aclStatus
object.
|
| viewParty |
.1.3.6.1.2.1.21.3.1.1.1 |
|
The SNMP party whose single MIB view includes or
excludes a particular family of view subtrees.
|
| viewSubtree |
.1.3.6.1.2.1.21.3.1.1.2 |
|
The view subtree which, in combination with the
corresponding instance of viewMask, defines a
family of view subtrees. This family is included
in, or excluded from the particular SNMP party's
MIB view, according to the value of the
corresponding instance of viewStatus.
|
| viewStatus |
.1.3.6.1.2.1.21.3.1.1.3 |
|
The status of a particular family of view
subtrees within the particular SNMP party's MIB
view. The value 'included(1)' indicates that the
corresponding instances of viewSubtree and
viewMask define a family of view subtrees included
in the MIB view. The value 'excluded(2)'
indicates that the corresponding instances of
viewSubtree and viewMask define a family of view
subtrees excluded from the MIB view.
Setting an instance of this object to the value
'invalid(3)' has the effect of invalidating the
presence or absence of the corresponding family of
view subtrees in the corresponding SNMP party's
MIB view.
It is an implementation-specific matter as to
whether the agent removes an invalidated entry
from the table. Accordingly, management stations
must be prepared to receive from agents tabular
information corresponding to entries not currently
in use. Proper interpretation of such entries
requires examination of the relevant viewStatus
object.
|
| viewMask |
.1.3.6.1.2.1.21.3.1.1.4 |
|
The bit mask which, in combination with the
corresponding instance of viewSubtree, defines a
family of view subtrees.
Each bit of this bit mask corresponds to a sub-
identifier of viewSubtree, with the most
significant bit of the i-th octet of this octet
string value (extended if necessary, see below)
corresponding to the (8*i - 7)-th sub-identifier,
and the least significant bit of the i-th octet of
this octet string corresponding to the (8*i)-th
sub-identifier, where i is in the range 1 through
16.
Each bit of this bit mask specifies whether or not
the corresponding sub-identifiers must match when
determining if an Object Identifier is in this
family of view subtrees; a '1' indicates that an
exact match must occur; a '0' indicates 'wild
card', i.e., any sub-identifier value matches.
Thus, the Object Identifier X of an object
instance is contained in a family of view subtrees
if the following criteria are met:
for each sub-identifier of the value of
viewSubtree, either:
the i-th bit of viewMask is 0, or
the i-th sub-identifier of X is equal to
the i-th sub-identifier of the value of
viewSubtree.
If the value of this bit mask is M bits long and
there are more than M sub-identifiers in the
corresponding instance of viewSubtree, then the
bit mask is extended with 1's to be the required
length.
Note that when the value of this object is the
zero-length string, this extension rule results in
a mask of all-1's being used (i.e., no 'wild
card'), and the family of view subtrees is the one
view subtree uniquely identified by the
corresponding instance of viewSubtree.
|
