Connected: An Internet Encyclopedia
3.1. Generating a Message
Up:
Connected: An Internet Encyclopedia
Up:
Requests For Comments
Up:
RFC 1446
Up:
3. Digest Authentication Protocol
Prev: 3. Digest Authentication Protocol
Next: 3.2. Receiving a Message
3.1. Generating a Message
3.1. Generating a Message
This section describes the behavior of a SNMPv2 entity when it
acts as a SNMPv2 party for which the authentication protocol
is administratively specified as the Digest Authentication
Protocol. Insofar as the behavior of a SNMPv2 entity when
transmitting protocol messages is defined generically in [1],
only those aspects of that behavior that are specific to the
Digest Authentication Protocol are described below. In
particular, this section describes the encapsulation of a
SNMPv2 management communication into a SNMPv2 authenticated
management communication.
According to Section 3.1 of [1], a SnmpAuthMsg value is
constructed during Step 3 of generic processing. In
particular, it states the authInfo component is constructed
according to the authentication protocol identified for the
SNMPv2 party originating the message. When the relevant
authentication protocol is the Digest Authentication Protocol,
the procedure performed by a SNMPv2 entity whenever a
management communication is to be transmitted by a SNMPv2
party is as follows.
- The local database is consulted to determine the
authentication clock and private authentication key
(extracted, for example, according to the conventions
defined in Section 1.5.1) of the SNMPv2 party originating
the message. The local database is also consulted to
determine the authentication clock of the receiving
SNMPv2 party.
- The authSrcTimestamp component is set to the retrieved
authentication clock value of the message's source. The
authDstTimestamp component is set to the retrieved
authentication clock value of the message's intended
recipient.
- The authentication digest is temporarily set to the
private authentication key of the SNMPv2 party
originating the message. The SnmpAuthMsg value is
serialized according to the conventions of [13] and [12].
A digest is computed over the octet sequence representing
that serialized value using, for example, the algorithm
specified in Section 1.5.1. The authDigest component is
set to the computed digest value.
As set forth in [1], the SnmpAuthMsg value is then
encapsulated according to the appropriate privacy protocol
into a SnmpPrivMsg value. This latter value is then
serialized and transmitted to the receiving SNMPv2 party.
Next: 3.2. Receiving a Message
Connected: An Internet Encyclopedia
3.1. Generating a Message