-- extracted from draft-ietf-isms-transport-security-model-00.txt -- at Fri Oct 20 06:07:19 2006 TSM-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, mib-2, Counter32, Integer32 FROM SNMPv2-SMI TestAndIncr, AutonomousType FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF SnmpAdminString, SnmpSecurityLevel, SnmpEngineID FROM SNMP-FRAMEWORK-MIB TransportAddress, TransportAddressType FROM TRANSPORT-ADDRESS-MIB TransportAddressSSH, transportDomainSSH FROM SSHTM-MIB ; tsmMIB MODULE-IDENTITY LAST-UPDATED "200509020000Z" ORGANIZATION "ISMS Working Group" CONTACT-INFO "WG-EMail: isms@lists.ietf.org Subscribe: isms-request@lists.ietf.org Chairs: Juergen Quittek NEC Europe Ltd. Network Laboratories Kurfuersten-Anlage 36 69115 Heidelberg Germany +49 6221 90511-15 quittek@netlab.nec.de Juergen Schoenwaelder International University Bremen Campus Ring 1 28725 Bremen Germany +49 421 200-3587 j.schoenwaelder@iu-bremen.de Editor: David Harrington Effective Software 50 Harding Rd Portsmouth, New Hampshire 03801 USA +1 603-436-8634 ietfdbh@comcast.net " DESCRIPTION "The Secure Shell Security Model MIB Copyright (C) The Internet Society (2006). This version of this MIB module is part of RFC XXXX; see the RFC itself for full legal notices. -- NOTE to RFC editor: replace XXXX with actual RFC number -- for this document and remove this note " REVISION "200509020000Z" -- 02 September 2005 DESCRIPTION "The initial version, published in RFC XXXX. -- NOTE to RFC editor: replace XXXX with actual RFC number -- for this document and remove this note " ::= { mib-2 xxxx } -- RFC Ed.: replace xxxx with IANA-assigned number and -- remove this note -- ---------------------------------------------------------- -- -- subtrees in the TSM-MIB -- ---------------------------------------------------------- -- tsmNotifications OBJECT IDENTIFIER ::= { tsmMIB 0 } tsmMIBObjects OBJECT IDENTIFIER ::= { tsmMIB 1 } tsmConformance OBJECT IDENTIFIER ::= { tsmMIB 2 } -- ------------------------------------------------------------- -- Objects -- ------------------------------------------------------------- -- Statistics for the Transport Security Model tsmStats OBJECT IDENTIFIER ::= { tsmMIBObjects 1 } -- [todo] do we need any stats? -- The tsmUser Group ************************************************ tsmUser OBJECT IDENTIFIER ::= { tsmMIBObjects 2 } tsmUserSpinLock OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "An advisory lock used to allow several cooperating Command Generator Applications to coordinate their use of facilities to alter the tsmUserTable. " ::= { tsmUser 1 } -- The table of valid users for the SSH Transport Model ******** tsmUserTable OBJECT-TYPE SYNTAX SEQUENCE OF tsmUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of users configured in the SNMP engine's Local Configuration Datastore (LCD). To create a new user (i.e., to instantiate a new conceptual row in this table), it is recommended to follow this procedure: 1) GET(tsmUserSpinLock.0) and save in sValue. 2) SET(tsmUserSpinLock.0=sValue, tsmUserStatus=createAndWait) Finally, activate the new user: 3) SET(tsmUserStatus=active) The new user should now be available and ready to be used for SNMPv3 communication. The use of tsmUserSpinlock is to avoid conflicts with another SNMP command generator application which may also be acting on the tsmUserTable. " ::= { tsmUser 2 } tsmUserEntry OBJECT-TYPE SYNTAX tsmUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A user configured in the SNMP engine's Local Configuration Datastore (LCD) for the Session Security Model. " INDEX { tsmUserSecurityName } ::= { tsmUserTable 1 } tsmUserEntry ::= SEQUENCE { tsmUserSecurityName SnmpAdminString, tsmUserStorageType StorageType, tsmUserStatus RowStatus } tsmUserSecurityName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "A human readable string representing the user in Security Model independent format. [todo: Wehn used with transport models that perform authentication, the tsmUserSecurityName is the securityName passed in tmStateReference. " ::= { tsmUserEntry 1 } tsmUserStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row. It is an implementation issue to decide if a SET for a readOnly or permanent row is accepted at all. In some contexts this may make sense, in others it may not. If a SET for a readOnly or permanent row is not accepted at all, then a 'wrongValue' error must be returned. " DEFVAL { nonVolatile } ::= { tsmUserEntry 4 } tsmUserStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. Until instances of all corresponding columns are appropriately configured, the value of the corresponding instance of the tsmUserStatus column is 'notReady'. The RowStatus TC [RFC2579] requires that this DESCRIPTION clause states under which circumstances other objects in this row can be modified: The value of this object has no effect on whether other objects in this conceptual row can be modified. " ::= { tsmUserEntry 5 } -- ------------------------------------------------------------- -- tsmMIB - Conformance Information -- ------------------------------------------------------------- tsmGroups OBJECT IDENTIFIER ::= { tsmConformance 1 } tsmCompliances OBJECT IDENTIFIER ::= { tsmConformance 2 } -- ------------------------------------------------------------- -- Units of conformance -- ------------------------------------------------------------- tsmGroup OBJECT-GROUP OBJECTS { } STATUS current DESCRIPTION "A collection of objects for maintaining information of an SNMP engine which implements the SNMP Transport Security Model. " ::= { tsmGroups 2 } -- ------------------------------------------------------------- -- Compliance statements -- ------------------------------------------------------------- tsmCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP engines that support the TSM-MIB" MODULE MANDATORY-GROUPS { tsmGroup } ::= { tsmCompliances 1 } END -- -- Copyright (C) The Internet Society (2006). -- -- This document is subject to the rights, licenses and restrictions -- contained in BCP 78, and except as set forth therein, the authors -- retain all their rights. -- -- This document and the information contained herein are provided on an -- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS -- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET -- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, -- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE -- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED -- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. -- -- Intellectual Property -- -- The IETF takes no position regarding the validity or scope of any -- Intellectual Property Rights or other rights that might be claimed to -- pertain to the implementation or use of the technology described in -- this document or the extent to which any license under such rights -- might or might not be available; nor does it represent that it has -- made any independent effort to identify any such rights. Information -- on the procedures with respect to rights in RFC documents can be -- found in BCP 78 and BCP 79. -- -- Copies of IPR disclosures made to the IETF Secretariat and any -- assurances of licenses to be made available, or the result of an -- attempt made to obtain a general license or permission for the use of -- such proprietary rights by implementers or users of this -- specification can be obtained from the IETF on-line IPR repository at -- http://www.ietf.org/ipr. -- -- The IETF invites any interested party to bring to its attention any -- copyrights, patents or patent applications, or other proprietary -- rights that may cover technology that may be required to implement -- this standard. Please address the information to the IETF at -- ietf-ipr@ietf.org. --