-- extracted from draft-ietf-isms-tmsm-01.txt -- at Tue Mar 7 06:10:55 2006 TMSM-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, mib-2, Integer32, Unsigned32, Gauge32 FROM SNMPv2-SMI TestAndIncr FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF SnmpSecurityModel, SnmpAdminString, SnmpSecurityLevel, SnmpEngineID FROM SNMP-FRAMEWORK-MIB TransportAddress, TransportAddressType FROM TRANSPORT-ADDRESS-MIB ; tmsmMIB MODULE-IDENTITY LAST-UPDATED "200602270000Z" ORGANIZATION "ISMS Working Group" CONTACT-INFO "WG-EMail: isms@lists.ietf.org Subscribe: isms-request@lists.ietf.org Chairs: Juergen Quittek NEC Europe Ltd. Network Laboratories Kurfuersten-Anlage 36 69115 Heidelberg Germany +49 6221 90511-15 quittek@netlab.nec.de Juergen Schoenwaelder International University Bremen Campus Ring 1 28725 Bremen Germany +49 421 200-3587 j.schoenwaelder@iu-bremen.de Editor: David Harrington Effective Software 50 Harding Rd Portsmouth, New Hampshire 03801 USA +1 603-436-8634 ietfdbh@comcast.net " DESCRIPTION "The Transport Mapping Security Model Subsystem MIB Copyright (C) The Internet Society (2006). This version of this MIB module is part of RFC XXXX; see the RFC itself for full legal notices. -- NOTE to RFC editor: replace XXXX with actual RFC number -- for this document and remove this note " REVISION "200602270000Z" -- 27 February 2006 DESCRIPTION "The initial version, published in RFC XXXX. -- NOTE to RFC editor: replace XXXX with actual RFC number -- for this document and remove this note " ::= { mib-2 xxxx } -- RFC Ed.: replace xxxx with IANA-assigned number and -- remove this note -- ---------------------------------------------------------- -- -- subtrees in the TMSM-MIB -- ---------------------------------------------------------- -- tmsmNotifications OBJECT IDENTIFIER ::= { tmsmMIB 0 } tmsmObjects OBJECT IDENTIFIER ::= { tmsmMIB 1 } tmsmConformance OBJECT IDENTIFIER ::= { tmsmMIB 2 } -- ------------------------------------------------------------- -- Objects -- ------------------------------------------------------------- -- Statistics for the Transport Model Security Model Subsystem tmsmStats OBJECT IDENTIFIER ::= { tmsmObjects 1 } -- [discuss] do we need any tmsm stats? -- these should be for interoperability, not local debug. -- we could probably track session establishment failures -- although this really belongs in an SSH-MIB, not TMSM-MIB -- The tmsmSession Group tmsmSession OBJECT IDENTIFIER ::= { tmsmObjects 2 } tmsmSessionSpinLock OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "An advisory lock used to allow several cooperating TMSM security models to coordinate their use of facilities to create sessions in the tmsmSessionTable. " ::= { tmsmSession 1 } tmsmSessionCurrent OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The current number of established sessions. " ::= { tmsmSession 2 } tmsmSessionMaxSupported OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum number of open sessions allowed. " ::= { tmsmSession 3 } tmsmSessionTable OBJECT-TYPE SYNTAX SEQUENCE OF TmsmSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of currently available sessions configured in the SNMP engine's Local Configuration Datastore (LCD). Sessions are created as needed, and do not persist across network management system reboots. " ::= { tmsmSession 4 } tmsmSessionEntry OBJECT-TYPE SYNTAX TmsmSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A session configured in the SNMP engine's Local Configuration Datastore (LCD) for Transport Mapping Security Models. " INDEX { tmsmSessionID } ::= { tmsmSessionTable 1 } TmsmSessionEntry ::= SEQUENCE { tmsmSessionID Integer32, tmsmSessionTransport TransportAddressType, tmsmSessionAddress TransportAddress, tmsmSessionSecurityModel SnmpSecurityModel, tmsmSessionSecurityName SnmpAdminString, tmsmSessionSecurityLevel SnmpSecurityLevel, tmsmSessionEngineID SnmpEngineID } tmsmSessionID OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A locally-unique identifier for a session. " ::= { tmsmSessionEntry 1 } tmsmSessionTransport OBJECT-TYPE SYNTAX TransportAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The transport domain associated with this session. " ::= { tmsmSessionEntry 2 } tmsmSessionAddress OBJECT-TYPE SYNTAX TransportAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The transport address associated with this session. " ::= { tmsmSessionEntry 3 } tmsmSessionSecurityModel OBJECT-TYPE SYNTAX SnmpSecurityModel MAX-ACCESS read-only STATUS current DESCRIPTION "The Security Model associated with this session." ::= { tmsmSessionEntry 4 } tmsmSessionSecurityName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "A human readable string representing the principal in Security Model independent format. The default transformation of the Secure Shell Security Model dependent security ID to the securityName and vice versa is the identity function so that the securityName is the same as the SSH user name. " ::= { tmsmSessionEntry 5 } tmsmSessionSecurityLevel OBJECT-TYPE SYNTAX SnmpSecurityLevel MAX-ACCESS read-only STATUS current DESCRIPTION "The Level of Security at which SNMP messages can be sent using this session, in particular, one of: noAuthNoPriv - without authentication and without privacy, authNoPriv - with authentication but without privacy, authPriv - with authentication and with privacy. " DEFVAL { authPriv } ::= { tmsmSessionEntry 6 } tmsmSessionEngineID OBJECT-TYPE SYNTAX SnmpEngineID MAX-ACCESS read-only STATUS current DESCRIPTION "The administratively-unique identifier for the remote SNMP engine associated with this session. " ::= { tmsmSessionEntry 7 } -- ------------------------------------------------------------- -- tmsmMIB - Conformance Information -- ------------------------------------------------------------- tmsmGroups OBJECT IDENTIFIER ::= { tmsmConformance 1 } tmsmCompliances OBJECT IDENTIFIER ::= { tmsmConformance 2 } -- ------------------------------------------------------------- -- Units of conformance -- ------------------------------------------------------------- tmsmGroup OBJECT-GROUP OBJECTS { tmsmSessionCurrent, tmsmSessionMaxSupported, tmsmSessionTransport, tmsmSessionAddress, tmsmSessionSecurityModel, tmsmSessionSecurityName, tmsmSessionSecurityLevel, tmsmSessionEngineID, tmsmSessionSpinLock } STATUS current DESCRIPTION "A collection of objects for maintaining session information of an SNMP engine which implements the SNMP Secure Shell Security Model. " ::= { tmsmGroups 2 } -- ------------------------------------------------------------- -- Compliance statements -- ------------------------------------------------------------- tmsmCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP engines that support the TMSM-MIB" MODULE MANDATORY-GROUPS { tmsmGroup } ::= { tmsmCompliances 1 } END -- -- Copyright (C) The Internet Society (2006). -- -- This document is subject to the rights, licenses and restrictions -- contained in BCP 78, and except as set forth therein, the authors -- retain all their rights. -- -- This document and the information contained herein are provided on an -- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS -- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET -- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, -- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE -- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED -- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. -- -- -- Intellectual Property -- -- The IETF takes no position regarding the validity or scope of any -- Intellectual Property Rights or other rights that might be claimed to -- pertain to the implementation or use of the technology described in -- this document or the extent to which any license under such rights -- might or might not be available; nor does it represent that it has -- made any independent effort to identify any such rights. Information -- on the procedures with respect to rights in RFC documents can be -- found in BCP 78 and BCP 79. -- -- Copies of IPR disclosures made to the IETF Secretariat and any -- assurances of licenses to be made available, or the result of an -- attempt made to obtain a general license or permission for the use of -- such proprietary rights by implementers or users of this -- specification can be obtained from the IETF on-line IPR repository at -- http://www.ietf.org/ipr. -- -- The IETF invites any interested party to bring to its attention any -- copyrights, patents or patent applications, or other proprietary -- rights that may cover technology that may be required to implement -- this standard. Please address the information to the IETF at -- ietf-ipr@ietf.org. -- --