-- the SNMPv2 party database group snmpParties OBJECT IDENTIFIER ::= { partyMIBObjects 1 } partyTable OBJECT-TYPE SYNTAX SEQUENCE OF PartyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The SNMPv2 Party database." ::= { snmpParties 1 } partyEntry OBJECT-TYPE SYNTAX PartyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally held information about a particular SNMPv2 party." INDEX { IMPLIED partyIdentity } ::= { partyTable 1 } PartyEntry ::= SEQUENCE { partyIdentity Party, partyIndex INTEGER, partyTDomain OBJECT IDENTIFIER, partyTAddress TAddress, partyMaxMessageSize INTEGER, partyLocal TruthValue, partyAuthProtocol OBJECT IDENTIFIER, partyAuthClock Clock, partyAuthPrivate OCTET STRING, partyAuthPublic OCTET STRING, partyAuthLifetime INTEGER, partyPrivProtocol OBJECT IDENTIFIER, partyPrivPrivate OCTET STRING, partyPrivPublic OCTET STRING, partyCloneFrom Party, partyStorageType StorageType, partyStatus RowStatus } partyIdentity OBJECT-TYPE SYNTAX Party MAX-ACCESS not-accessible STATUS current DESCRIPTION "A party identifier uniquely identifying a particular SNMPv2 party." ::= { partyEntry 1 } partyIndex OBJECT-TYPE SYNTAX INTEGER (1..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "A unique value for each SNMPv2 party. The value for each SNMPv2 party must remain constant at least from one re-initialization of the entity's network management system to the next re- initialization." ::= { partyEntry 2 } partyTDomain OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-create STATUS current DESCRIPTION "Indicates the kind of transport service by which the party receives network management traffic." DEFVAL { snmpUDPDomain } ::= { partyEntry 3 } partyTAddress OBJECT-TYPE SYNTAX TAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The transport service address by which the party receives network management traffic, formatted according to the corresponding value of partyTDomain. For snmpUDPDomain, partyTAddress is formatted as a 4-octet IP Address concatenated with a 2-octet UDP port number." DEFVAL { '000000000000'H } ::= { partyEntry 4 } partyMaxMessageSize OBJECT-TYPE SYNTAX INTEGER (484..65507) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum length in octets of a SNMPv2 message which this party will accept. For parties which execute at an agent, the agent initializes this object to the maximum length supported by the agent, and does not let the object be set to any larger value. For parties which do not execute at the agent, the agent must allow the manager to set this object to any legal value, even if it is larger than the agent can generate." DEFVAL { 484 } ::= { partyEntry 5 } partyLocal OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "An indication of whether this party executes at this SNMPv2 entity. If this object has a value of true(1), then the SNMPv2 entity will listen for SNMPv2 messages on the partyTAddress associated with this party. If this object has the value false(2), then the SNMPv2 entity will not listen for SNMPv2 messages on the partyTAddress associated with this party." DEFVAL { false } ::= { partyEntry 6 } partyAuthProtocol OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-create STATUS current DESCRIPTION "The authentication protocol by which all messages generated by the party are authenticated as to origin and integrity. The value noAuth signifies that messages generated by the party are not authenticated. Once an instance of this object is created, its value can not be changed." DEFVAL { v2md5AuthProtocol } ::= { partyEntry 7 } partyAuthClock OBJECT-TYPE SYNTAX Clock MAX-ACCESS read-create STATUS current DESCRIPTION "The authentication clock which represents the local notion of the current time specific to the party. This value must not be decremented unless the party's private authentication key is changed simultaneously." DEFVAL { 0 } ::= { partyEntry 8 } partyAuthPrivate OBJECT-TYPE SYNTAX OCTET STRING -- for v2md5AuthProtocol: (SIZE (16)) MAX-ACCESS read-create STATUS current DESCRIPTION "An encoding of the party's private authentication key which may be needed to support the authentication protocol. Although the value of this variable may be altered by a management operation (e.g., a SNMPv2 Set-Request), its value can never be retrieved by a management operation: when read, the value of this variable is the zero length OCTET STRING. The private authentication key is NOT directly represented by the value of this variable, but rather it is represented according to an encoding. This encoding is the bitwise exclusive-OR of the old key with the new key, i.e., of the old private authentication key (prior to the alteration) with the new private authentication key (after the alteration). Thus, when processing a received protocol Set operation, the new private authentication key is obtained from the value of this variable as the result of a bitwise exclusive-OR of the variable's value and the old private authentication key. In calculating the exclusive-OR, if the old key is shorter than the new key, zero-valued padding is appended to the old key. If no value for the old key exists, a zero-length OCTET STRING is used in the calculation." DEFVAL { ''H } -- the empty string ::= { partyEntry 9 } partyAuthPublic OBJECT-TYPE SYNTAX OCTET STRING -- for v2md5AuthProtocol: (SIZE (0..16)) MAX-ACCESS read-create STATUS current DESCRIPTION "A publically-readable value for the party. Depending on the party's authentication protocol, this value may be needed to support the party's authentication protocol. Alternatively, it may be used by a manager during the procedure for altering secret information about a party. (For example, by altering the value of an instance of this object in the same SNMPv2 Set-Request used to update an instance of partyAuthPrivate, a subsequent Get-Request can determine if the Set- Request was successful in the event that no response to the Set-Request is received, see [4].) The length of the value is dependent on the party's authentication protocol. If not used by the authentication protocol, it is recommended that agents support values of any length up to and including the length of the corresponding partyAuthPrivate object." DEFVAL { ''H } -- the empty string ::= { partyEntry 10 } partyAuthLifetime OBJECT-TYPE SYNTAX INTEGER (0..2147483647) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The lifetime (in units of seconds) which represents an administrative upper bound on acceptable delivery delay for protocol messages generated by the party. Once an instance of this object is created, its value can not be changed." DEFVAL { 300 } ::= { partyEntry 11 } partyPrivProtocol OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-create STATUS current DESCRIPTION "The privacy protocol by which all protocol messages received by the party are protected from disclosure. The value noPriv signifies that messages received by the party are not protected. Once an instance of this object is created, its value can not be changed." DEFVAL { noPriv } ::= { partyEntry 12 } partyPrivPrivate OBJECT-TYPE SYNTAX OCTET STRING -- for desPrivProtocol: (SIZE (16)) MAX-ACCESS read-create STATUS current DESCRIPTION "An encoding of the party's private encryption key which may be needed to support the privacy protocol. Although the value of this variable may be altered by a management operation (e.g., a SNMPv2 Set-Request), its value can never be retrieved by a management operation: when read, the value of this variable is the zero length OCTET STRING. The private encryption key is NOT directly represented by the value of this variable, but rather it is represented according to an encoding. This encoding is the bitwise exclusive-OR of the old key with the new key, i.e., of the old private encryption key (prior to the alteration) with the new private encryption key (after the alteration). Thus, when processing a received protocol Set operation, the new private encryption key is obtained from the value of this variable as the result of a bitwise exclusive-OR of the variable's value and the old private encryption key. In calculating the exclusive-OR, if the old key is shorter than the new key, zero-valued padding is appended to the old key. If no value for the old key exists, a zero-length OCTET STRING is used in the calculation." DEFVAL { ''H } -- the empty string ::= { partyEntry 13 } partyPrivPublic OBJECT-TYPE SYNTAX OCTET STRING -- for desPrivProtocol: (SIZE (0..16)) MAX-ACCESS read-create STATUS current DESCRIPTION "A publically-readable value for the party. Depending on the party's privacy protocol, this value may be needed to support the party's privacy protocol. Alternatively, it may be used by a manager as a part of its procedure for altering secret information about a party. (For example, by altering the value of an instance of this object in the same SNMPv2 Set-Request used to update an instance of partyPrivPrivate, a subsequent Get-Request can determine if the Set- Request was successful in the event that no response to the Set-Request is received, see [4].) The length of the value is dependent on the party's privacy protocol. If not used by the privacy protocol, it is recommended that agents support values of any length up to and including the length of the corresponding partyPrivPrivate object." DEFVAL { ''H } -- the empty string ::= { partyEntry 14 } partyCloneFrom OBJECT-TYPE SYNTAX Party MAX-ACCESS read-create STATUS current DESCRIPTION "The identity of a party to clone authentication and privacy parameters from. When read, the value { 0 0 } is returned. This value must be written exactly once, when the associated instance of partyStatus either does not exist or has the value `notReady'. When written, the value identifies a party, the cloning party, whose status column has the value `active'. The cloning party is used in two ways. One, if instances of the following objects do not exist for the party being created, then they are created with values identical to those of the corresponding objects for the cloning party: partyAuthProtocol partyAuthPublic partyAuthLifetime partyPrivProtocol partyPrivPublic Two, instances of the following objects are updated using the corresponding values of the cloning party: partyAuthPrivate partyPrivPrivate (e.g., the value of the cloning party's instance of the partyAuthPrivate object is XOR'd with the value of the partyAuthPrivate instances of the party being created.)" ::= { partyEntry 15 } partyStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row in the partyTable." DEFVAL { nonVolatile } ::= { partyEntry 16 } partyStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row in the partyTable. A party is not qualified for activation until instances of all columns of its partyEntry row have an appropriate value. In particular: A value must be written to the Party's partyCloneFrom object. If the Party's partyAuthProtocol object has the value md5AuthProtocol, then the corresponding instance of partyAuthPrivate must contain a secret of the appropriate length. Further, at least one management protocol set operation updating the value of the party's partyAuthPrivate object must be successfully processed, before the partyAuthPrivate column is considered appropriately configured. If the Party's partyPrivProtocol object has the value desPrivProtocol, then the corresponding instance of partyPrivPrivate must contain a secret of the appropriate length. Further, at least one management protocol set operation updating the value of the party's partyPrivPrivate object must be successfully processed, before the partyPrivPrivate column is considered appropriately configured. Until instances of all corresponding columns are appropriately configured, the value of the corresponding instance of the partyStatus column is `notReady'." ::= { partyEntry 17 }