Protocol Action: SNMPv3 to Draft

The IESG <iesg-secretary@ietf.org> Mon, 08 March 1999 17:35 UTC

Message-Id: <199903081719.MAA03610@ietf.org>
To: IETF-Announce:;
Cc: RFC Editor <rfc-editor@isi.edu>
Cc: Internet Architecture Board <iab@isi.edu>
Cc: snmpv3@portal.gw.tislabs.com
From: The IESG <iesg-secretary@ietf.org>
Subject: Protocol Action: SNMPv3 to Draft
Date: Mon, 08 Mar 1999 12:19:44 -0500
Sender: scoya@ns.cnri.reston.va.us


The IESG has approved publication of the following Internet-Drafts as Draft Standards:

o An Architecture for Describing SNMP Management Frameworks
  <draft-ietf-snmpv3-arch-05.txt>, replacing RFC2271

o Message Processing and Dispatching for the Simple Network Management
  Protocol (SNMP) <draft-ietf-snmpv3-mpc-05.txt>, replacing RFC2272

o SNMPv3 Applications <draft-ietf-snmpv3-appl-v2-03.txt>,
  replacing RFC2273

o User-based Security Model (USM) for version 3 of the Simple Network
  Management Protocol (SNMPv3) <draft-ietf-snmpv3-usm-v2-05.txt>,
  replacing RFC2274

o View-based Access Control Model (VACM) for the Simple Network Management 
  Protocol (SNMP) <draft-ietf-snmpv3-vacm-04.txt>, replacing RFC2275

The IESG also approved publication of Introduction to Version 3 of the
Internet Standard Network Management Framework
<draft-ietf-snmpv3-intro-04.txt> as an Informational RFC.

These documents are the product of the SNMP Version 3 Working Group.
The IESG contact persons are Bert Wijnen and Harald Alvestrand.
 
 
Technical Summary
 
 The output of the SNMPv3 WG brings a number of enhancements to the
 Internet Standard for Network Management (STD xx) also known as SNMPv1:

  - Provides an architecture which defines a modular approach so that
    the SNMP protocol can evolve over time as needs for enhancements
    (e.g. new security algorithms) change.

  - Provides a Message Dispatching and Processing mechanism that allows
    for handling multiple versions of SNMP messages.

  - Provides a new SNMP version 3 Message format that provides for
    a secure exchange of SNMP messages between SNMP entities.

  - Provides a User-based Security Model which provides for
    authentication and privacy mechanisms. The model is based on the
    well-known user-password (shared secret) paradigm. Authentication
    is provided using HMAC-MD5 or HMAC-SHA algorithms. Privacy is
    provided using DES in CBC mode.

  - Provides Access Control to management information using the
    View-based Access Control Model. This allows granting or denying
    access to groups of users.

  - Describes a set of SNMP application types that provide the
    traditional SNMP agent and manager functionality.

  - Provides a set of MIBs that allow remote configuration of the
    SNMPv3 parameters for security, access control, notification
    filtering, notification destinations, proxy configuration.

Working Group Summary

 Since the SNMPv3 documents were published as Proposed Standards,
 quite a number of implementations have emerged. As a result, many
 questions came up that required clarifications to the document set.

 There were also a number of WG members who would like to see
 a different Access Control mechanism, specifically the way that
 users are grouped together. However, rough consensus was reached
 that the current Access Control is good enough to go forward.
 The architecture allows for new Access Control models to be
 added if such is needed.

 During the WG last call period there were about 100 postings
 to the snmpv3 list.  Of these, about 80 were related to the last
 call specifications and activities.  There were no comments related
 to the intro document or the interoperability report.  None of the last
 call related comments identified any major show stoppers with the
 specifications.

 The majority of the last call postings were related to clarification and
 usage interpretations.
 About one third of the last call related messages were related to
 notification filtering.  This was a fairly extensive discussion but
 there were no fundamental flaws identified in the discussion.
 Rough consensus was reached that:
 1) the wording of the current specifications permits more than one way to
 use these mechanisms
 2) having multiple ways to use these 'tools' may be a good thing
 3) this is not a reason to deny advancement.

 We believe that there is WG rough consensus for
 advancement of the specifications.

Protocol Quality

 The document set has been reviewed for the IESG by Harald Alvestrand
 and Bert Wijnen.

 There are currently more than 10 implementations of this protocol and
 the related MIBs. Interoperability tests have been carried out as well as
 live demonstrations at trade shows.
 See the implementation report at

     http://www.ietf.org/IESG/SNMPv3-implementation