Re: draft-ietf-snmpsec-partyv2-00.txt

{3COM/PDD/PeteW}@pdd.3mail.3com.com Fri, 15 January 1993 18:09 UTC

Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa15153; 15 Jan 93 13:09 EST
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa15149; 15 Jan 93 13:09 EST
Received: from SLEEPY.TIS.COM by CNRI.Reston.VA.US id aa15775; 15 Jan 93 13:10 EST
Received: from sleepy.tis.com by sleepy.TIS.COM id ab13354; 15 Jan 93 17:28 GMT
Received: from tis.com by sleepy.TIS.COM id aa13352; 15 Jan 93 12:21 EST
Received: from gatekeeper.3Com.COM by TIS.COM (4.1/SUN-5.64) id AA02542; Fri, 15 Jan 93 12:21:23 EST
Received: from gw.3Com.COM by gatekeeper.3Com.COM with SMTP id AA24380 (5.65c/IDA-1.4.4-910725 for <snmp-sec-dev@tis.com>); Fri, 15 Jan 1993 09:21:08 -0800
Received: by gw.3Com.COM id AA03002 (5.65c/IDA-1.4.4 for snmp-sec-dev@tis.com); Fri, 15 Jan 1993 09:21:07 -0800
Date: Fri, 15 Jan 1993 11:55:00 -0800
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: {3COM/PDD/PeteW}@pdd.3mail.3com.com
Subject: Re: draft-ietf-snmpsec-partyv2-00.txt
To: snmp-sec-dev@tis.com
Message-Id: <930115.092359@3Mail.3Com.COM>
Msg-Date: 1993-01-15
Msg-Time: 11:51

Microsoft Mail v3.0 IPM.Microsoft Mail.Note
From: Wilson, Peter
To:  A-Secure-SNMP
Subject:  Re: draft-ietf-snmpsec-partyv2-00.txt
Date: 1993-01-15 11:49
Priority: 
Message ID: FEA075B7
Conversation ID: FEA075B7

------------------------------------------------------------------------------

Hi Marshall,
I have this terrible feeling that I'm missing something incredibly obvious 
so please be patient if I am!

> Thanks for the note.  I'm looking at the version that was just posted to
> I-Ds.  It looks like the noAuth/noPriv parties use context 1 and the
> md5Auth/* parties use context 2.  Context 1 refers to view 1 and context
> 2 refers to view 2.  view 1 is system+snmpStats+snmpParties.  view 2 is
> internet.
>
> FIrst, do we agree that this is what it says?
>
> Second, do we agree that this is correct?

I agree that it says what your description of what it says.

So the secure access view has no access to the snmpParty MIB group, but 
no-auth/no-priv does. Why? Shouldn't it actually be the other way around? 
ie:

initialParty.a.b.c.d.2  ---> initialParty.a.b.c.d.1 ----> context.2 
(internet)
initialParty.a.b.c.d.4  ---> initialParty.a.b.c.d.3 ----> context.1 
(system+snmpStats+snmpParties)
initialParty.a.b.c.d.6  ---> initialParty.a.b.c.d.5 ----> context.2 
(system+snmpStats+snmpParties)

Pete