smilint output for ./IPSEC-ISAKMP-IKE-DOI-TC
| Message Severities |
|---|
| Severity | Count |
|---|
| warning | 22 |
| Message Types |
|---|
| Type | Count |
|---|
| module-name-suffix (warning) | 1 |
| type-unref (warning) | 21 |
Messages:
IPSEC-ISAKMP-IKE-DOI-TC
1: -- extracted from draft-ietf-ipsec-doi-tc-mib-07.txt
2: -- at Tue Mar 4 06:12:22 2003
52:
53: IpsecDoiSituation ::= TEXTUAL-CONVENTION
53: warning -
warning: current type `IpsecDoiSituation' is not referenced in this module
54: DISPLAY-HINT "x"
55: STATUS current
56: DESCRIPTION "The IPsec DOI Situation provides information that
57: can be used by the responder to make a policy
58: determination about how to process the incoming
59: Security Association request.
60:
61: It is a four (4) octet bitmask, with the following
62: values:
63:
64: sitIdentityOnly 0x01
65: sitSecrecy 0x02
66: sitIntegrity 0x04
67:
68: The upper two bits (0x80000000 and 0x40000000) are
69: reserved for private use amongst cooperating
70: systems."
71: REFERENCE "RFC 2407 sections 4.2 and 6.2"
72: SYNTAX Unsigned32 (0..4294967295)
73: -- The syntax is not BITS, because we want the representation
74: -- to be the same here as it is in the ISAKMP/IKE protocols.
75:
76:
77: IpsecDoiSecProtocolId ::= TEXTUAL-CONVENTION
77: warning -
warning: current type `IpsecDoiSecProtocolId' is not referenced in this module
78: STATUS current
79: DESCRIPTION "These are the IPsec DOI values for the Protocol-Id
80: field in an ISAKMP Proposal Payload, and in all
81: Notification Payloads.
82:
83: They are also used as the Protocol-ID In the
84: Notification Payload and the Delete Payload.
85:
86: The values 249-255 are reserved for private use
87: amongst cooperating systems."
88: REFERENCE "RFC 2407 section 4.4.1"
89: SYNTAX INTEGER {
90: reserved(0), -- reserved in DOI
91: protoIsakmp(1), -- message protection
92: -- required during Phase I
93: -- of the IKE protocol
94: protoIpsecAh(2), -- IP packet authentication
95: -- via Authentication Header
96: protoIpsecEsp(3), -- IP packet confidentiality
97: -- via Encapsulating
98: -- Security Payload
99: protoIpcomp(4) -- IP payload compression
100: }
101:
102: IpsecDoiTransformIdent ::= TEXTUAL-CONVENTION
102: warning -
warning: current type `IpsecDoiTransformIdent' is not referenced in this module
103: STATUS current
104: DESCRIPTION "The values of the IPsec DOI ISAKMP Transform
105: Identifier which identify a key exchange protocol
106: to be used for the negotiation. It is used in the
107: Transform-Id field of an IKE Phase I Transform
108: Payload.
109:
110: The values 249-255 are reserved for private use
111: amongst cooperating systems."
112: REFERENCE "RFC 2407 sections 4.4.2 and 6.3"
113: SYNTAX INTEGER {
114: reserved(0), -- reserved in DOI
115: keyIke(1) -- the hybrid ISAKMP/Oakley
116: -- Diffie-Hellman key
117: -- exchange
118: }
119:
120: IpsecDoiAhTransform ::= TEXTUAL-CONVENTION
120: warning -
warning: current type `IpsecDoiAhTransform' is not referenced in this module
121: STATUS current
122: DESCRIPTION "The values of the IPsec DOI AH Transform Identifier
123: which identify a particular algorithm to be
124: used to provide integrity protection for AH. It is
125: used in the Tranform-ID field of a ISAKMP Transform
126: Payload for the IPsec DOI, when the Protocol-Id of
127: the associated Proposal Payload is 2 (AH).
128:
129: The values 249-255 are reserved for private use
130: amongst cooperating systems."
131: REFERENCE "RFC 2407 sections 4.4.3 and 6.4,
132: IANA,
133: RFC 2857"
134: SYNTAX INTEGER {
135: reserved(0), -- reserved in DOI
136: reserved1(1), -- reserved
137: ahMd5(2), -- generic AH transform
138: -- using MD5
139: ahSha(3), -- generic AH transform
140: -- using SHA-1
141: ahDes(4), -- generic AH transform
142: -- using DES
143: ahSha256(5), -- generic AH transform
144: -- using SHA-256
145: ahSha384(6), -- generic AH transform
146: -- using SHA-384
147: ahSha512(7), -- generic AH transform
148: -- using SHA-512
149: ahRipemd(8) -- generic AH transform
150: -- using HMAC-RIPEMD-160-96
151: -- RFC 2857
152: }
153:
154: IpsecDoiEspTransform ::= TEXTUAL-CONVENTION
154: warning -
warning: current type `IpsecDoiEspTransform' is not referenced in this module
155: STATUS current
156: DESCRIPTION "The values of the IPsec DOI ESP Transform Identifier
157: which identify a particular algorithm to be used to
158: provide secrecy protection for ESP. It is used in
159: the Tranform-ID field of a ISAKMP Transform Payload
160: for the IPsec DOI, when the Protocol-Id of the
161: associated Proposal Payload is 2 (AH), 3 (ESP),
162: and 4 (IPCOMP).
163:
164: The values 249-255 are reserved for private use
165: amongst cooperating systems."
166: REFERENCE "RFC 2407 sections 4.4.4 and 6.5,
167: IANA"
168: SYNTAX INTEGER {
169: none(0), -- reserved in DOI, used
170: -- in MIBs to reflect no
171: -- encryption used
172: espDesIv64(1), -- DES-CBC transform defined
173: -- in RFC 1827 and RFC 1829
174: -- using a 64-bit IV
175: espDes(2), -- generic DES transform
176: -- using DES-CBC
177: esp3Des(3), -- generic triple-DES
178: -- transform
179: espRc5(4), -- RC5 transform
180: espIdea(5), -- IDEA transform
181: espCast(6), -- CAST transform
182: espBlowfish(7), -- BLOWFISH transform
183: esp3Idea(8), -- reserved for triple-IDEA
184: espDesIv32(9), -- DES-CBC transform defined
185: -- in RFC 1827 and RFC 1829
186: -- using a 32-bit IV
187: espRc4(10), -- reserved for RC4
188: espNull(11), -- no confidentiality
189: -- provided by ESP
190: espAes(12) -- NIST AES transform
191: }
192:
193: IpsecDoiAuthAlgorithm ::= TEXTUAL-CONVENTION
193: warning -
warning: current type `IpsecDoiAuthAlgorithm' is not referenced in this module
194: STATUS current
195: DESCRIPTION "The ESP Authentication Algorithm used in the IPsec
196: DOI as a SA Attributes definition in the Transform
197: Payload of Phase II of an IKE negotiation. This
198: set of values defines the AH authentication
199: algorithm, when the associated Proposal Payload has
200: a Protocol-ID of 2 (AH). This set of values
201: defines the ESP authentication algorithm, when the
202: associated Proposal Payload has a Protocol-ID
203: of 3 (ESP).
204:
205: Unused values <= 61439 are reserved to IANA.
206:
207: Values 61440-65535 are for private use.
208:
209: In a MIB, a value of 0 indicates that ESP
210: has been negotiated without authentication."
211: REFERENCE "RFC 2407 section 4.5,
212: RFC 2407 section 4.4.3.1,
213: RFC 1826,
214: IANA,
215: RFC 2857"
216: SYNTAX INTEGER {
217: none(0), -- reserved in DOI, used
218: -- in MIBs to reflect no
219: -- encryption used
220: hmacMd5(1), -- hashed MAC using MD5
221: hmacSha(2), -- hashed MAC using SHA-1
222: desMac(3), -- DES MAC
223: kpdk(4), -- RFC 1826
224: -- Key/Pad/Data/Key
225: hmacSha256(5), -- hashed MAC using SHA-256
226: hmacSha384(6), -- hashed MAC using SHA-384
227: hmacSha512(7), -- hashed MAC using SHA-512
228: hamcRipemd(8) -- hashed MAC using
229: -- RIPEMD-160-96
230: }
231:
232: IpsecDoiIpcompTransform ::= TEXTUAL-CONVENTION
232: warning -
warning: current type `IpsecDoiIpcompTransform' is not referenced in this module
233: STATUS current
234: DESCRIPTION "The IPsec DOI IPCOMP Transform Identifier is an
235: 8-bit value which identifies a particular algorithm
236: to be used to provide IP-level compression before
237: ESP. It is used in the Tranform-ID field of a ISAKMP
238: Transform Payload for the IPsec DOI, when the
239: Protocol-Id of the associated Proposal Payload
240: is 4 (IPCOMP).
241:
242: The values 1-47 are reserved for algorithms for which
243: an RFC has been approved for publication.
244: The values 48-63 are reserved for private use amongst
245: cooperating systems.
246:
247: The values 64-255 are reserved for future expansion."
248: REFERENCE "RFC 2407 sections 4.4.5 and 6.6,
249: RFC 3051"
250: SYNTAX INTEGER {
251: reserved(0), -- reserved in DOI
252: ipcompOui(1), -- proprietary compression
253: -- transform
254: ipcompDeflate(2), -- "zlib" deflate algorithm
255: ipcompLzs(3), -- Stac Electronics LZS
256: ipcompLzjh(4) -- ITU-T V.44 packet method
257: }
258:
259: IpsecDoiEncapsulationMode ::= TEXTUAL-CONVENTION
259: warning -
warning: current type `IpsecDoiEncapsulationMode' is not referenced in this module
260: STATUS current
261: DESCRIPTION "The Encapsulation Mode used as an IPsec DOI
262: SA Attributes definition in the Transform Payload
263: of a Phase II IKE negotiation. This set of
264: values defines encapsulation modes used for AH,
265: ESP, and IPCOMP when the associated Proposal Payload
266: has a Protocol-ID of 3 (ESP).
267:
268: Unused values <= 61439 are reserved to IANA.
269:
270: Values 61440-65535 are for private use."
271: SYNTAX INTEGER {
272: reserved(0), -- reserved in DOI
273: tunnel(1),
274: transport(2)
275: }
276:
277: IpsecDoiIdentType ::= TEXTUAL-CONVENTION
277: warning -
warning: current type `IpsecDoiIdentType' is not referenced in this module
278: STATUS current
279: DESCRIPTION "The IPsec DOI Identification Type is an 8-bit value
280: which is used in the ID Type field as a discriminant
281: for interpretation of the variable-length
282: Identification Payload.
283:
284: The values 249-255 are reserved for private use
285: amongst cooperating systems."
286: REFERENCE "RFC 2407 sections 4.4.5, 4.6.2.1, and 6.9"
287: SYNTAX INTEGER {
288: reserved(0), -- reserved in DOI
289: idIpv4Addr(1), -- a single four (4) octet
290: -- IPv4 address
291:
292: idFqdn(2), -- fully-qualified domain
293: -- name string
294: idUserFqdn(3), -- fully-qualified username
295: -- string
296: idIpv4AddrSubnet(4),
297: -- a range of IPv4 addresses,
298: -- represented by two
299: -- four (4) octet values,
300: -- where the first is an
301: -- address and the second
302: -- is a mask
303: idIpv6Addr(5), -- a single sixteen (16)
304: -- octet IPv6 address
305: idIpv6AddrSubnet(6),
306: -- a range of IPv6 addresses,
307: -- represented by two
308: -- sixteen (16) octet values,
309: -- where the first is an
310: -- address and the second
311: -- is a mask
312: idIpv4AddrRange(7), -- a range of IPv4 addresses,
313: -- represented by two
314: -- four (4) octet values,
315: -- where the first is the
316: -- beginning IPv4 address
317: -- and the second is the
318: -- ending IPv4 address
319: idIpv6AddrRange(8), -- a range of IPv6 addresses,
320: -- represented by two
321: -- sixteen (16) octet values,
322: -- where the first is the
323: -- beginning IPv6 address
324: -- and the second is the
325: -- ending IPv6 address
326: idDerAsn1Dn(9), -- the binary DER encoding of
327: -- ASN1 X.500
328: -- DistinguishedName
329: idDerAsn1Gn(10), -- the binary DER encoding of
330: -- ASN1 X.500 GeneralName
331: idKeyId(11) -- opaque byte stream which
332: -- may be used to pass
333: -- vendor-specific
334: -- information
335: }
336:
337: -- The second group of textual conventions are based on defintions
338: -- the ISAKMP protocol, RFC 2408.
339: IsakmpDOI ::= TEXTUAL-CONVENTION
339: warning -
warning: current type `IsakmpDOI' is not referenced in this module
340: STATUS current
341: DESCRIPTION "These are the domain of interpretation values for
342: the ISAKMP Protocol. They are a 32-bit value
343: used in the Domain of Interpretation field of the
344: Security Association Payload.
345:
346: Unused values <= 4294967295 are reserved to
347: the IANA."
348: REFERENCE "RFC 2048 section 3.4."
349: SYNTAX INTEGER {
350: isakmp(0), -- generic ISAKMP SA in
351: -- Phase 1, which can be
352: -- used for any protocol
353: -- in Phase 2
354: ipsecDOI(1) -- the IPsec DOI as
355: -- specified in RFC 2407
356: }
357:
358: IsakmpCertificateEncoding ::= TEXTUAL-CONVENTION
358: warning -
warning: current type `IsakmpCertificateEncoding' is not referenced in this module
359: STATUS current
360: DESCRIPTION "These are the values for the types of
361: certificate-related information contained in the
362: Certificate Data field of a Certificate Payload.
363: They are used in the Cert Encoding field of the
364: Certificate Payload.
365:
366: Values 11-255 are reserved."
367: REFERENCE "RFC 2408 section 3.9"
368: SYNTAX INTEGER {
369: pkcs7(1), -- PKCS #7 wrapped
370: -- X.509 certificate
371: pgp(2), -- PGP Certificate
372: dnsSignedKey(3), -- DNS Signed Key
373: x509Signature(4), -- X.509 Certificate:
374: -- Signature
375: x509KeyExchange(5), -- X.509 Certificate:
376: -- Key Exchange
377: kerberosTokens(6), -- Kerberos Tokens
378: crl(7), -- Certificate Revocation
379: -- List (CRL)
380: arl(8), -- Authority Revocation
381: -- List (ARL)
382: spki(9), -- SPKI Certificate
383: x509Attribute(10) -- X.509 Certificate:
384: -- Attribute
385: }
386:
387: IsakmpExchangeType ::= TEXTUAL-CONVENTION
387: warning -
warning: current type `IsakmpExchangeType' is not referenced in this module
388: --
389: -- When revising IsakmpExchangeType, consider revising
390: -- IkeExchangeType as well.
391: --
392: STATUS current
393: DESCRIPTION "These are the values used for the exchange types in
394: the ISAKMP header.
395:
396: Values up to 31 are reserved for future
397: DOI-independent assignment for ISAKMP.
398:
399: The values 240-255 are reserved for private use
400: amongst cooperating systems."
401: REFERENCE "RFC 2408 section 3.1"
402: SYNTAX INTEGER {
403: reserved(0),
404: base(1), -- base mode
405: identityProtect(2), -- identity protection
406: authOnly(3), -- authentication only
407: aggressive(4), -- aggressive mode
408: informational(5) -- informational
409: }
410:
411: IsakmpNotifyMessageType ::= TEXTUAL-CONVENTION
411: warning -
warning: current type `IsakmpNotifyMessageType' is not referenced in this module
412: --
413: -- If you change this, you probably want to
414: -- change IkeNotifyMessageType.
415: --
416: STATUS current
417: DESCRIPTION "These are the values for the types of notification
418: messages. They are used as the Notify Message Type
419: field in the Notification Payload.
420:
421: This textual convention merges the types
422: for error types (in the range 1-16386) and for
423: notification types (in the range 16384-65535).
424:
425: The values 16001-16383 are reserved for private use
426: as error types amongst cooperating systems.
427:
428: The values 24576-32767 are reserved for use in
429: each DOI. Each DOI should have a clone of this
430: textual convention adding local values.
431:
432: The values 32768-40958 are reserved for private use
433: as notification types amongst cooperating systems."
434:
435: REFERENCE "RFC 2408 section 3.14.1"
436: SYNTAX INTEGER {
437:
438: -- Values defined for errors in ISAKMP
439: --
440: reserved(0), -- reserved in DOI
441: invalidPayloadType(1),
442: doiNotSupported(2),
443: situationNotSupported(3),
444: invalidCookie(4),
445: invalidMajorVersion(5),
446: invalidMinorVersion(6),
447: invalidExchangeType(7),
448: invalidFlags(8),
449: invalidMessageId(9),
450: invalidProtocolId(10),
451: invalidSpi(11),
452: invalidTransformId(12),
453: attributesNotSupported(13),
454: noProposalChosen(14),
455: badProposalSyntax(15),
456: payloadMalformed(16),
457: invalidKeyInformation(17),
458: invalidIdInformation(18),
459: invalidCertEncoding(19),
460: invalidCertificate(20),
461: certTypeUnsupported(21),
462: invalidCertAuthority(22),
463: invalidHashInformation(23),
464: authenticationFailed(24),
465: invalidSignature(25),
466: addressNotification(26),
467: notifySaLifetime(27),
468: certificateUnavailable(28),
469: unsupportedExchangeType(29),
470: unequalPayloadLengths(30),
471:
472: -- values defined for errors in IPsec DOI
473: -- (none)
474:
475: -- values defined for notification in ISAKMP
476: --
477: connected(16384)
478:
479: -- values defined for notification in
480: -- each DOI (clone this TC)
481: }
482:
483: -- The third group of textual conventions are based on defintions
484: -- the IKE key exchange protocol, RFC 2409.
485:
486: IkeExchangeType ::= TEXTUAL-CONVENTION
486: warning -
warning: current type `IkeExchangeType' is not referenced in this module
487: STATUS current
488: DESCRIPTION "These are the values used for the exchange types in
489: the ISAKMP header.
490:
491: The values 32-239 are DOI-specific, these values are
492: for the IPsec DOI used by IKE.
493:
494: The values 240-255 are reserved for private use
495: amongst cooperating systems."
496: REFERENCE "RFC 2409 Appendix A"
497: SYNTAX INTEGER {
498: reserved(0),
499: base(1), -- base mode
500: mainMode(2), -- main mode
501: authOnly(3), -- authentication only
502: aggressive(4), -- aggressive mode
503: informational(5), -- informational
504: reservedDontUse(6), -- reserved, not to be used
505: quickMode(32), -- quick mode
506: newGroupMode(33) -- new group mode
507: }
508:
509: IkeEncryptionAlgorithm ::= TEXTUAL-CONVENTION
509: warning -
warning: current type `IkeEncryptionAlgorithm' is not referenced in this module
510: STATUS current
511: DESCRIPTION "Values for encryption algorithms negotiated
512: for the ISAKMP SA by IKE in Phase I. These are
513: values for SA Attrbute type Encryption
514: Algorithm (1).
515:
516: Unused values <= 65000 are reserved to IANA.
517:
518: Values 65001-65535 are for private use among
519: mutually consenting parties."
520: REFERENCE "RFC 2409 appendix A,
521: IANA"
522: SYNTAX INTEGER {
523: reserved(0), -- reserved in IKE
524: desCbc(1), -- RFC 2405
525: ideaCbc(2),
526: blowfishCbc(3),
527: rc5R16B64Cbc(4), -- RC5 R16 B64 CBC
528: tripleDesCbc(5), -- 3DES CBC
529: castCbc(6),
530: aesCbc(7)
531: }
532:
533: IkeHashAlgorithm ::= TEXTUAL-CONVENTION
533: warning -
warning: current type `IkeHashAlgorithm' is not referenced in this module
534: STATUS current
535: DESCRIPTION "Values for hash algorithms negotiated
536: for the ISAKMP SA by IKE in Phase I. These are
537: values for SA Attrbute type Hash Algorithm (2).
538:
539: Unused values <= 65000 are reserved to IANA.
540:
541: Values 65001-65535 are for private use among
542: mutually consenting parties."
543: REFERENCE "RFC 2409 appendix A,
544: IANA"
545: SYNTAX INTEGER {
546: reserved(0), -- reserved in IKE
547: md5(1), -- RFC 1321
548: sha(2), -- FIPS 180-1
549: tiger(3),
550: sha256(4),
551: sha384(5),
552: sha512(6)
553: }
554:
555: IkeAuthMethod ::= TEXTUAL-CONVENTION
555: warning -
warning: current type `IkeAuthMethod' is not referenced in this module
556: STATUS current
557: DESCRIPTION "Values for authentication methods negotiated
558: for the ISAKMP SA by IKE in Phase I. These are
559: values for SA Attrbute type Authentication
560: Method (3).
561:
562: Unused values <= 65000 are reserved to IANA.
563:
564: Values 65001-65535 are for private use among
565: mutually consenting parties."
566: REFERENCE "RFC 2409 appendix A,
567: IANA"
568: SYNTAX INTEGER {
569: reserved(0), -- reserved in IKE
570: preSharedKey(1),
571: dssSignatures(2),
572: rsaSignatures(3),
573: encryptionWithRsa(4),
574: revisedEncryptionWithRsa(5),
575: reservedDontUse6(6), -- not to be used
576: reservedDontUse7(7), -- not to be used
577: ecdsaSignatures(8)
578: }
579:
580: IkeGroupDescription ::= TEXTUAL-CONVENTION
580: warning -
warning: current type `IkeGroupDescription' is not referenced in this module
581: STATUS current
582: DESCRIPTION "Values for Oakley key computation groups for
583: Diffie-Hellman exchange negotiated for the ISAKMP
584: SA by IKE in Phase I. They are also used in Phase II
585: when perfect forward secrecy is in use. These are
586: values for SA Attrbute type Group Description (4).
587:
588: Unused values <= 32767 are reserved to IANA.
589:
590: Values 32768-65535 are for private use among
591: mutually consenting parties."
592: REFERENCE "RFC 2409 appendix A,
593: IANA"
594: SYNTAX INTEGER {
595: none(0), -- reserved in IKE, used
596: -- in MIBs to reflect that
597: -- none of the predefined
598: -- groups are used
599: modp768(1), -- default 768-bit MODP group
600: modp1024(2), -- alternate 1024-bit MODP
601: -- group
602: ec2nGF155(3), -- EC2N group on Galois
603: -- Field GF[2^155]
604: ec2nGF185(4), -- EC2N group on Galois
605: -- Field GF[2^185]
606: ec2nGF163Random(6), -- EC2N group on Galois
607: -- Field GF[2^163],
608: -- random seed
609: ec2nGF163Koblitz(7),
610: -- EC2N group on Galois
611: -- Field GF[2^163],
612: -- Koblitz curve
613: ec2nGF283Random(8), -- EC2N group on Galois
614: -- Field GF[2^283],
615: -- random seed
616: ec2nGF283Koblitz(9),
617: -- EC2N group on Galois
618: -- Field GF[2^283],
619: -- Koblitz curve
620: ec2nGF409Random(10),
621: -- EC2N group on Galois
622: -- Field GF[2^409],
623: -- random seed
624:
625: ec2nGF409Koblitz(11),
626: -- EC2N group on Galois
627: -- Field GF[2^409],
628: -- Koblitz curve
629: ec2nGF571Random(12),
630: -- EC2N group on Galois
631: -- Field GF[2^571],
632: -- random seed
633: ec2nGF571Koblitz(13)
634: -- EC2N group on Galois
635: -- Field GF[2^571],
636: -- Koblitz curve
637: }
638:
639: IkeGroupType ::= TEXTUAL-CONVENTION
639: warning -
warning: current type `IkeGroupType' is not referenced in this module
640: STATUS current
641: DESCRIPTION "Values for Oakley key computation group types
642: negotiated for the ISAKMP SA by IKE in Phase I.
643: They are also used in Phase II when perfect forward
644: secrecy is in use. These are values for SA Attribute
645: type Group Type (5)."
646: REFERENCE "RFC 2409 appendix A"
647: SYNTAX INTEGER {
648: reserved(0), -- reserved in IKE
649: modp(1), -- modular eponentiation
650:
651: -- group
652: ecp(2), -- elliptic curve group over
653: -- Galois Field GF[P]
654: ec2n(3) -- elliptic curve group over
655: -- Galois Field GF[2^N]
656: }
657:
658: IkePrf ::= TEXTUAL-CONVENTION
658: warning -
warning: current type `IkePrf' is not referenced in this module
659: DISPLAY-HINT "d"
660: STATUS current
661: DESCRIPTION "Values for Pseudo-Random Functions used with
662: with the hash algorithm negotiated for the ISAKMP SA
663: by IKE in Phase I. There are currently no
664: pseudo-random functions defined, the default HMAC is
665: always used. These are values for SA Attribute type
666: PRF (13).
667:
668: Unused values <= 65000 are reserved to IANA.
669:
670: Values 65001-65535 are for private use among
671: mutually consenting parties."
672:
673: REFERENCE "RFC 2409 appendix A"
674: SYNTAX Unsigned32 (0..65535)
675:
676: IkeNotifyMessageType ::= TEXTUAL-CONVENTION
676: warning -
warning: current type `IkeNotifyMessageType' is not referenced in this module
677: STATUS current
678: DESCRIPTION "These are the values for the types of notification
679: messages. They are used as the Notify Message Type
680: field in the Notification Payload.
681:
682: This textual convention merges the types
683: for error types (in the range 1-16386) and for
684: notification types (in the range 16384-65535).
685:
686: This textual convention is a merge of values
687: defined by ISAKMP with the additional values
688: defined in the IPsec DOI.
689:
690: The values 16001-16383 are reserved for private use
691: as error types amongst cooperating systems.
692:
693: The values 32001-32767 are reserved for private use
694: as notification types amongst cooperating systems."
695: REFERENCE "RFC 2408 section 3.14.1 and RFC 2407 sections 4.6.3
696: and 6.10"
697: SYNTAX INTEGER {
698:
699: -- Values defined for errors in ISAKMP
700: --
701: unknown(0), -- reserved in DOI
702: -- used for unknown in MIBs
703: invalidPayloadType(1),
704: doiNotSupported(2),
705: situationNotSupported(3),
706: invalidCookie(4),
707: invalidMajorVersion(5),
708: invalidMinorVersion(6),
709: invalidExchangeType(7),
710: invalidFlags(8),
711: invalidMessageId(9),
712: invalidProtocolId(10),
713: invalidSpi(11),
714: invalidTransformId(12),
715: attributesNotSupported(13),
716: noProposalChosen(14),
717: badProposalSyntax(15),
718: payloadMalformed(16),
719: invalidKeyInformation(17),
720: invalidIdInformation(18),
721: invalidCertEncoding(19),
722: invalidCertificate(20),
723: certTypeUnsupported(21),
724: invalidCertAuthority(22),
725: invalidHashInformation(23),
726: authenticationFailed(24),
727: invalidSignature(25),
728: addressNotification(26),
729: notifySaLifetime(27),
730: certificateUnavailable(28),
731: unsupportedExchangeType(29),
732: unequalPayloadLengths(30),
733:
734: -- values defined for errors in IPsec DOI
735: -- (none)
736:
737: -- values defined for notification in ISAKMP
738: -- (none)
739:
740: -- values defined for notification in IPsec
741: -- DOI
742: responderLifetime(24576),
743: -- used to communicate IPsec
744: -- SA lifetime chosen by the
745: -- responder
746:
747: replayStatus(24577),
748: -- used for positive
749: -- confirmation of the
750: -- responder's election on
751: -- whether or not he is to
752: -- perform anti-replay
753: -- detection
754:
755: initialContact(24578)
756: -- used when one side wishes
757: -- to inform the other that
758: -- this is the first SA being
759: -- established with the
760: -- remote system
761: }
762: END
762: warning -
warning: module name `IPSEC-ISAKMP-IKE-DOI-TC' should match `*-MIB'
763:
764: --
765: -- Copyright (C) The Internet Society (2003). All Rights Reserved.
766: --
767: -- This document and translations of it may be copied and furnished to
768: -- others, and derivative works that comment on or otherwise explain it
769: -- or assist in its implementation may be prepared, copied, published
770: -- and distributed, in whole or in part, without restriction of any
771: -- kind, provided that the above copyright notice and this paragraph are
772: -- included on all such copies and derivative works. However, this
773: -- document itself may not be modified in any way, such as by removing
774: -- the copyright notice or references to the Internet Society or other
775: -- Internet organizations, except as needed for the purpose of
776: -- developing Internet standards in which case the procedures for
777: -- copyrights defined in the Internet Standards process must be
778: -- followed, or as required to translate it into languages other than
779: -- English.
780: --
781: -- The limited permissions granted above are perpetual and will not be
782: -- revoked by the Internet Society or its successors or assigns.
783: --
784: -- This document and the information contained herein is provided on an
785: -- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
786: -- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
787: -- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
788: -- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
789: -- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
790: --
791: -- Expires August 2003
792: