Individual Submission                                 A. Garcia-Martinez
Internet-Draft                                                M. Bagnulo
Intended status: Standards Track                                    UC3M
Expires: March 14, 2013                               September 10, 2012


   Management Information Base for Cryptographically Generated Addresses
                                  (CGA)
                      draft-garcia-martinez-cgamib-05

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for managing Cryptographically Generated Addresses (CGA).

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 14, 2013.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  The Internet-Standard Management Framework
   2.  Overview
   3.  Conventions
   4.  Definitions
   5.  Security Considerations
   6.  IANA Considerations
   7.  Acknowledgements
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Authors' Addresses

1.  The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC 3410 [RFC3410].  Managed objects are accessed via a virtual
   information store, termed the Management Information Base or MIB.
   MIB objects are generally accessed through the Simple Network
   Management Protocol (SNMP).  Objects in the MIB are defined using the
   mechanisms defined in the Structure of Management Information (SMI).
   This memo specifies a MIB module that is compliant to the SMIv2,
   which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579
   [RFC2579] and STD 58, RFC 2580 [RFC2580].

2.  Overview

   This document defines the portion of the Management Information Base
   (MIB) to be used for managing Cryptographically Generated Addresses
   (CGA) [RFC3972].  CGA addresses are IPv6 addresses for which the
   interface identifier is generated by computing a one-way hash
   function from a public signature key and some auxiliary parameters.
   Therefore, CGA are represented in this MIB module as values of the
   InetAddressIPv6 type defined in [RFC4001].
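   The hash-based derivation just described, as an added example that is
   not part of this draft: the Python below (standard library only)
   models one row's worth of CGA Parameters with the four components
   this MIB carries (modifier, collision count, public key, extension
   fields), derives the interface identifier per section 4 of RFC 3972,
   verifies an address per section 5, and maps the outcome onto the
   cgaLocalStatus values enabled(2) and invalid(3).  The RSA
   SubjectPublicKeyInfo, the 2001:db8::/64 prefix and the starting
   modifier are constructed sample values, and the structural DER check
   is an assumption about what an agent might do before answering
   inconsistentValue, not a procedure the draft specifies.

```python
import hashlib
import ipaddress
from dataclasses import dataclass

NOT_READY, ENABLED, INVALID = 1, 2, 3  # cgaLocalStatus values from the MIB

def der(tag: int, body: bytes) -> bytes:
    """Minimal DER TLV encoder (content up to 65535 octets)."""
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 0x80 else b"\x82" + n.to_bytes(2, "big")) + body

def der_int(v: int) -> bytes:
    # Non-negative INTEGER; a leading 0x00 appears when the top bit would be set.
    return der(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big"))

def sample_spki(modulus: int, exponent: int = 65537) -> bytes:
    """Constructed SubjectPublicKeyInfo: rsaEncryption (1.2.840.113549.1.1.1) plus a BIT
    STRING holding an RSAPublicKey, the shape CgaKeyInfo requires.  Toy modulus, not a key."""
    alg_id = der(0x30, der(0x06, bytes.fromhex("2a864886f70d010101")) + der(0x05, b""))
    return der(0x30, alg_id + der(0x03, b"\x00" + der(0x30, der_int(modulus) + der_int(exponent))))

def looks_like_der_spki(key: bytes) -> bool:
    """Assumed structural check an agent could run on a SET of cgaLocalPublicKey before
    answering inconsistentValue: one outer SEQUENCE whose declared length matches, 0..1024."""
    if not 2 <= len(key) <= 1024 or key[0] != 0x30:
        return False
    if key[1] < 0x80:
        header, body_len = 2, key[1]
    else:
        n = key[1] & 0x7F
        if n == 0 or n > 2:
            return False
        header, body_len = 2 + n, int.from_bytes(key[2:2 + n], "big")
    return header + body_len == len(key)

@dataclass
class CgaParameters:
    """CGA Parameters (RFC 3972, section 3): one cgaLocalTable row plus the subnet prefix."""
    modifier: bytes            # 16 octets (CgaModifier)
    subnet_prefix: bytes       # 8 octets, leftmost half of the address
    collision_count: int       # 0..2 (CgaCollisionCount)
    public_key: bytes          # DER SubjectPublicKeyInfo (CgaKeyInfo)
    extension_fields: bytes = b""

    def hash1(self) -> bytes:   # leftmost 64 bits of SHA-1 over the whole structure
        return hashlib.sha1(self.modifier + self.subnet_prefix + bytes([self.collision_count])
                            + self.public_key + self.extension_fields).digest()[:8]

    def hash2(self) -> bytes:   # leftmost 112 bits; prefix and collision count zeroed
        return hashlib.sha1(self.modifier + bytes(9) + self.public_key
                            + self.extension_fields).digest()[:14]

def generate(prefix: bytes, public_key: bytes, sec: int, start_modifier: bytes,
             extension_fields: bytes = b"") -> tuple[ipaddress.IPv6Address, CgaParameters]:
    """RFC 3972 section 4 with collision count 0 (DAD is outside this example).  The
    modifier is incremented until Hash2 starts with 16*Sec zero bits (Sec=1: ~65k SHA-1s)."""
    m = int.from_bytes(start_modifier, "big")
    while True:
        params = CgaParameters(m.to_bytes(16, "big"), prefix, 0, public_key, extension_fields)
        if sec == 0 or int.from_bytes(params.hash2(), "big") >> (112 - 16 * sec) == 0:
            iid = bytearray(params.hash1())
            iid[0] = (sec << 5) | (iid[0] & 0x1C)   # Sec in bits 0-2; u/g bits (6, 7) cleared
            return ipaddress.IPv6Address(prefix + bytes(iid)), params
        m = (m + 1) % (1 << 128)

def verify(addr: ipaddress.IPv6Address, params: CgaParameters) -> int:
    """RFC 3972 section 5, mapped onto the cgaLocalStatus an agent reports after a SET
    of enabled(2): enabled(2) if the row verifies, invalid(3) otherwise."""
    packed = addr.packed
    if params.collision_count > 2 or params.subnet_prefix != packed[:8]:
        return INVALID
    h1, iid = params.hash1(), packed[8:]
    if (h1[0] & 0x1C) != (iid[0] & 0x1C) or h1[1:] != iid[1:]:   # Sec, u, g bits ignored
        return INVALID
    sec = iid[0] >> 5
    if sec and int.from_bytes(params.hash2(), "big") >> (112 - 16 * sec):
        return INVALID
    return ENABLED

def demo() -> dict:
    """One constructed local CGA under 2001:db8::/64, then the tampering verification catches."""
    prefix = ipaddress.IPv6Network("2001:db8::/64").network_address.packed[:8]
    key = sample_spki(0xC0FFEE0123456789ABCDEF0123456789ABCDEF01)   # constructed toy modulus
    addr, row = generate(prefix, key, sec=1, start_modifier=bytes(16))
    other = CgaParameters(row.modifier, prefix, 0,
                          sample_spki(0xC0FFEE0123456789ABCDEF0123456789ABCDEF03))
    moved = ipaddress.IPv6Address(bytes.fromhex("20010db800010000") + addr.packed[8:])
    return {
        "address": str(addr),
        "sec": addr.packed[8] >> 5,
        "key_is_spki": looks_like_der_spki(key),
        "row_status": verify(addr, row),          # enabled(2): row matches the address
        "other_key": verify(addr, other),         # invalid(3): Hash1 no longer matches
        "other_prefix": verify(moved, row),       # invalid(3): prefix differs from the row
        "collision_count_3": verify(addr, CgaParameters(row.modifier, prefix, 3, key)),
    }

if __name__ == "__main__":
    print(demo())
```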
   Two tables are defined: cgaLocalTable, for representing the
   information about CGA local to the managed node, and cgaRemoteTable,
   for representing the CGA of nodes with which the managed node is
   communicating.

   Rows in the cgaLocalTable may be created by means of the management
   protocol.  Once a row for a CGA has been created in the
   cgaLocalTable, it can be used as a local address by the node when the
   configuration of the corresponding rows in the ipAddressTable
   [RFC4293] is completed.  A spin lock object is used to coordinate the
   creation of rows by different managers.

   Rows in the cgaRemoteTable are created as a result of the operation
   of CGA-aware protocols, such as SEND [RFC3971] or Shim6 [RFC5533].

3.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   RFC 2119 [RFC2119].

4.  Definitions

   CGA-MIB DEFINITIONS ::= BEGIN

   IMPORTS
       MODULE-IDENTITY,
       OBJECT-TYPE,
       mib-2,
       zeroDotZero                 FROM SNMPv2-SMI
       TEXTUAL-CONVENTION,
       TestAndIncr,
       RowStatus,
       StorageType,
       TimeStamp,
       RowPointer                  FROM SNMPv2-TC
       MODULE-COMPLIANCE,
       OBJECT-GROUP                FROM SNMPv2-CONF
       InetAddressIPv6             FROM INET-ADDRESS-MIB;

   cgaMIB MODULE-IDENTITY
       LAST-UPDATED "201209100000Z"
       ORGANIZATION "IETF"
       CONTACT-INFO
           "Editor:

            Alberto Garcia-Martinez
            U. Carlos III de Madrid
            Avenida Universidad, 30
            Leganes, Madrid 28911
            Spain
            Email: alberto.garcia@uc3m.es"
       DESCRIPTION
           "The MIB module for managing Cryptographically Generated
            Addresses (CGA) [RFC3972].

            Copyright (c) 2012 IETF Trust and the persons identified
            as the document authors.  All rights reserved.
            This version of this MIB module is part of RFC yyyy; see
            the RFC itself for full legal notices."
   -- RFC Ed.: replace yyyy with actual RFC number & remove this
   -- note
       REVISION "201209100000Z"
       DESCRIPTION
           "Initial version, published as RFC yyyy."
   -- RFC Ed.: replace yyyy with actual RFC number & remove
   -- this note
       ::= { mib-2 XXX }
   -- RFC Ed.: replace XXX with actual number assigned by IANA
   -- & remove this note

   --
   -- The textual conventions we define and use in this MIB.
   --

   CgaModifier ::= TEXTUAL-CONVENTION
       DISPLAY-HINT "16x"
       STATUS       current
       DESCRIPTION
           "This is a binary string of 16 octets in network byte-
            order representing a 128-bit unsigned integer, which
            models the 'Modifier' parameter of the CGA."
       SYNTAX       OCTET STRING (SIZE (16))

   CgaCollisionCount ::= TEXTUAL-CONVENTION
       STATUS       current
       DESCRIPTION
           "This enumerated integer models the 'Collision Count'
            parameter of the CGA."
       SYNTAX       INTEGER {
                        zerocollisions(0),
                        onecollision(1),
                        twocollisions(2)
                    }

   CgaKeyInfo ::= TEXTUAL-CONVENTION
       DISPLAY-HINT "1024x"
       STATUS       current
       DESCRIPTION
           "Variable-length field containing the key (either public
            or private) of the address (CGA) owner.  The key MUST be
            formatted as a DER-encoded [CCITT.X690.2002] ASN.1
            structure of the type SubjectPublicKeyInfo, defined in the
            Internet X.509 certificate profile [RFC5280].  When RSA is
            used, the algorithm identifier MUST be 'rsaEncryption',
            which is 1.2.840.113549.1.1.1, and the RSA public key MUST
            be formatted by using the RSAPublicKey type as specified
            in Section 2.3.1 of RFC 3279 [RFC3279].
            The length of this field is determined by the ASN.1
            encoding."
       REFERENCE    "RFC 3279, RFC 5280, ITU-T Recommendation X.690"
       SYNTAX       OCTET STRING (SIZE (0..1024))

   cga OBJECT IDENTIFIER ::= { cgaMIB 1 }

   --
   -- Information related to local CGA
   --

   cgaLocalSpinLock OBJECT-TYPE
       SYNTAX      TestAndIncr
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION
           "An advisory lock used to allow cooperating SNMP managers
            to coordinate their use of the set operation in creating
            or removing rows within the cgaLocalTable.  Note that the
            rows in the cgaLocalTable MUST remain unmodified (except
            for the RowStatus columnar object) once the cgaLocalStatus
            columnar object has been set to enabled(2).
            In order to use this lock to coordinate the use of set
            operations, managers SHOULD first retrieve
            cgaLocalSpinLock.  They SHOULD then determine the
            appropriate row to create or remove (setting the
            appropriate value to the cgaLocalRowStatus object).
            Finally, they SHOULD issue the appropriate set command,
            including the retrieved value of cgaLocalSpinLock.  If
            another manager has created or destroyed the row in the
            meantime, then the value of cgaLocalSpinLock will have
            changed, and the creation will fail as it will be
            specifying an incorrect value for cgaLocalSpinLock.  It is
            suggested, but not required, that the cgaLocalSpinLock be
            the first var bind for each set of objects representing a
            'row' in a PDU."
       ::= { cga 1 }

   cgaLocalTable OBJECT-TYPE
       SYNTAX      SEQUENCE OF CgaLocalEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "This table contains information describing the CGA
            parameters which can be used to configure local addresses
            in the managed system."
       ::= { cga 2 }

   cgaLocalEntry OBJECT-TYPE
       SYNTAX      CgaLocalEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Each row defines the information required to configure
            and use a CGA as a local address in the managed system.
            In order to have a local IP address configured as a CGA,
            two conditions MUST be fulfilled:
            + A row in the cgaLocalTable with cgaLocalStatus set
              to enabled(2).  The enabled(2) value can only be
              set if the information held in the columnar objects
              of the row is valid according to the verification
              process defined in section 5 of [RFC3972].
            + A row in IP-MIB:ipAddressTable with an IP-
              MIB:ipAddressAddr value equal to the cgaLocalAddr,
              with an IP-MIB:ipAddressRowStatus value set to
              active(1), and with an appropriate IP-
              MIB:ipAddressStatus value - for example, not
              invalid(3) or inaccessible(4).
            If the cgaLocalStatus of a row is set to enabled(2) when
            the corresponding row in IP-MIB:ipAddressTable does not
            exist, this row SHOULD be created and its IP-
            MIB:ipAddressRowStatus value should be set to active(1).
            In this case, the address MUST behave as a CGA from its
            very activation as an IP address: for example, in a node
            with SEND operation enabled, the Duplicate Address
            Detection procedure for this address will be performed as
            described in the SEND specification [RFC3971], using the
            CGA-specific information.
            If a local IP address is configured as a CGA, but the
            corresponding row in the cgaLocalTable is made unusable or
            the cgaLocalStatus value is set to a value different from
            enabled(2), the CGA SHOULD continue to be usable as an IP
            address, although CGA-aware protocols SHOULD stop using it
            as a CGA.  For example, Shim6 could keep the
            communications established, although it may not use the
            CGA information for new communications; or it could tear
            down all communications using Shim6, and stop using the
            CGA.
            If a row in the IP-MIB:ipAddressTable exists with its IP-
            MIB:ipAddressRowStatus set to active(1), but there is no
            corresponding entry in the cgaLocalTable or the
            corresponding entry has a cgaLocalStatus object set to a
            value different from enabled(2), then the IP address is
            configured, but it does not behave as a CGA.  If the
            cgaLocalStatus value of the corresponding row in the
            cgaLocalTable is then set to enabled(2), the node SHOULD
            start using the address as a CGA for the operation of the
            CGA-aware protocols.
            If a row in the cgaLocalTable with the cgaLocalStatus
            object set to enabled(2) exists, but the IP address is not
            configured because there is no corresponding row in the
            IP-MIB:ipAddressTable (for example, because it has been
            removed after creation of the CGA) or the IP-
            MIB:ipAddressRowStatus is not set to active(1), and then
            the value of IP-MIB:ipAddressRowStatus is set to
            active(1), the node SHOULD start using the address as a
            CGA for the operation of the CGA-aware protocols.
            Once the value of the cgaLocalStatus of an entry has been
            set once to enabled(2), the cgaLocalModifier,
            cgaLocalCollisionCount, cgaLocalPublicKey,
            cgaLocalPrivateKey and cgaLocalExtensionFields columnar
            objects of the entry MUST remain unmodified.
            The agent may generate new entries by other means than
            network management."
       INDEX { cgaLocalAddr }
       ::= { cgaLocalTable 1 }

   CgaLocalEntry ::= SEQUENCE {
       cgaLocalAddr                InetAddressIPv6,
       cgaLocalModifier            CgaModifier,
       cgaLocalCollisionCount      CgaCollisionCount,
       cgaLocalPublicKey           CgaKeyInfo,
       cgaLocalPrivateKey          CgaKeyInfo,
       cgaLocalExtensionFields     OCTET STRING,
       cgaLocalStatus              INTEGER,
       cgaLocalAddrInfo            RowPointer,
       cgaLocalRowStatus           RowStatus,
       cgaLocalStorageType         StorageType
   }

   cgaLocalAddr OBJECT-TYPE
       SYNTAX      InetAddressIPv6
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "The CGA address to which this entry's information
            pertains."
       ::= { cgaLocalEntry 1 }

   cgaLocalModifier OBJECT-TYPE
       SYNTAX      CgaModifier
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "Binary string of 16 octets in network byte-order
            representing a 128-bit unsigned integer, which models the
            'Modifier' parameter.
            This object MUST NOT be modified once the cgaLocalStatus
            object has been set to enabled(2)."
       ::= { cgaLocalEntry 2 }

   cgaLocalCollisionCount OBJECT-TYPE
       SYNTAX      CgaCollisionCount
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "This enumerated integer models the 'Collision Count'
            parameter of the CGA.
            This object MUST NOT be modified once the cgaLocalStatus
            object has been set to enabled(2)."
       ::= { cgaLocalEntry 3 }

   cgaLocalPublicKey OBJECT-TYPE
       SYNTAX      CgaKeyInfo
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "Variable-length field containing the public key of the
            address owner, which models the 'Public Key' parameter of
            the CGA.
            Upon a set operation, an 'inconsistentValue' error MUST be
            returned if the value is not a DER-encoded ASN.1 structure
            of the type SubjectPublicKeyInfo.
            This object MUST NOT be modified once the cgaLocalStatus
            object has been set to enabled(2)."
       REFERENCE   "RFC 3279, RFC 5280, ITU-T Recommendation X.690"
       ::= { cgaLocalEntry 4 }

   cgaLocalPrivateKey OBJECT-TYPE
       SYNTAX      CgaKeyInfo
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "Variable-length field containing the private key of the
            address owner which corresponds to the public key in
            cgaLocalPublicKey.
            Upon a set operation, an 'inconsistentValue' error MUST be
            returned if the value is not a DER-encoded ASN.1 structure
            of the type SubjectPublicKeyInfo.

            This object MUST NOT be modified once the cgaLocalStatus
            object has been set to enabled(2).
            Note that read access to this object by an unintended
            party allows this party to impersonate the identity
            defined by any CGA of the node."
       REFERENCE   "RFC 3279, RFC 5280, ITU-T Recommendation X.690"
       ::= { cgaLocalEntry 5 }

   cgaLocalExtensionFields OBJECT-TYPE
       SYNTAX      OCTET STRING (SIZE (0..1024))
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "Optional variable-length field, defined as an opaque
            type, modeling the 'Extension Fields' field of the CGA.
            This object MUST NOT be modified once the cgaLocalStatus
            object has been set to enabled(2)."
       ::= { cgaLocalEntry 6 }

   cgaLocalStatus OBJECT-TYPE
       SYNTAX      INTEGER {
                       notReady(1),
                       enabled(2),
                       invalid(3)
                   }
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "This columnar object indicates whether the row can be
            used as a CGA in the managed system or not.
            If the row is created but this object has not been set,
            its value is notReady(1).  In this state, the information
            of the row MUST NOT be used for address configuration.  In
            addition, it cannot be assumed that the information is
            valid according to the rules stated in section 5 of
            [RFC3972].
            If the administrator wants to make the CGA information in
            this row ready to be used, this columnar object MUST be
            set to enabled(2).  The managed node MUST then check the
            validity of the CGA according to the rules stated in
            section 5 of [RFC3972].  If the validation is successful,
            the state is changed to enabled(2).  Otherwise, an
            'inconsistentValue' error is returned, and the state is
            set to invalid(3).
            The administrator can set this columnar object to
            notReady(1) to indicate that the information of the CGA is
            no longer usable.

            Note that a manager cannot request the invalid(3) value
            to be set."
       DEFVAL { notReady }
       ::= { cgaLocalEntry 7 }

   cgaLocalAddrInfo OBJECT-TYPE
       SYNTAX      RowPointer
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "Points to the corresponding row in IP-MIB:ipAddressTable
            if the CGA address is locally configured in the managed
            system.
            If the CGA is not configured as a local address of the
            node, it contains { 0 0 }."
       DEFVAL { zeroDotZero }
       ::= { cgaLocalEntry 8 }

   cgaLocalRowStatus OBJECT-TYPE
       SYNTAX      RowStatus
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "The status of this conceptual row.
            A conceptual row cannot be made active until all the
            columnar objects, except for the cgaLocalStatus, have been
            assigned a value.  Note that validity of the CGA
            information (according to the rules stated in section 5
            of [RFC3972]) is not required for this object to be
            active(1)."
       ::= { cgaLocalEntry 9 }

   cgaLocalStorageType OBJECT-TYPE
       SYNTAX      StorageType
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "The storage type for this conceptual row.  If this object
            has a value of 'permanent', then no other objects are
            required to be able to be modified.
            The values of the cgaLocalStorageType and of the
            corresponding IP-MIB:ipAddressStorageType SHOULD be the
            same."
       DEFVAL { volatile }
       ::= { cgaLocalEntry 10 }

   --
   -- table to store information about the valid CGAs corresponding
   -- to remote nodes
   --

   cgaRemoteTable OBJECT-TYPE
       SYNTAX      SEQUENCE OF CgaRemoteEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "List of valid CGA addresses of remote nodes.  Only CGAs
            that are valid according to the validation rules of
            section 5 of [RFC3972] MUST appear in this table.
            The agent populates the entries in this table with the
            information obtained using a CGA-aware protocol (e.g.,
            SEND or Shim6), and operation with these protocols is
            responsible for deleting the entry according to the rules
            defined for their operation.  Protocol-specific
            information associated with the CGA MUST be managed in a
            MIB specific for the considered protocol.  Note that many
            protocols could be using the same remote CGA.
            Note in addition that each protocol may require different
            rules for validating a CGA (for example, they may vary in
            the minimum number of bits required for the key length).
            All the objects in this table are defined as read-only."
       ::= { cga 3 }

   cgaRemoteEntry OBJECT-TYPE
       SYNTAX      CgaRemoteEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Information related to a remote CGA."
       INDEX { cgaRemoteAddr }
       ::= { cgaRemoteTable 1 }

   CgaRemoteEntry ::= SEQUENCE {
       cgaRemoteAddr               InetAddressIPv6,
       cgaRemoteModifier           CgaModifier,
       cgaRemoteCollisionCount     CgaCollisionCount,
       cgaRemotePublicKey          CgaKeyInfo,
       cgaRemoteExtensionFields    OCTET STRING,
       cgaRemoteCreated            TimeStamp
   }

   cgaRemoteAddr OBJECT-TYPE
       SYNTAX      InetAddressIPv6
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "The CGA IPv6 address of a remote node to which this
            entry's information is associated."
       ::= { cgaRemoteEntry 1 }

   cgaRemoteModifier OBJECT-TYPE
       SYNTAX      CgaModifier
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "Binary string of 16 octets in network byte-order
            representing a 128-bit unsigned integer, which models the
            'Modifier' parameter."
       ::= { cgaRemoteEntry 2 }

   cgaRemoteCollisionCount OBJECT-TYPE
       SYNTAX      CgaCollisionCount
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "Enumerated integer which models the 'Collision Count'
            parameter of the CGA."
       ::= { cgaRemoteEntry 3 }

   cgaRemotePublicKey OBJECT-TYPE
       SYNTAX      CgaKeyInfo
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "Variable-length field containing the public key of the
            remote node owning the address, which models the 'Public
            Key' parameter of the CGA."
       ::= { cgaRemoteEntry 4 }

   cgaRemoteExtensionFields OBJECT-TYPE
       SYNTAX      OCTET STRING (SIZE (0..1024))
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "Optional variable-length field, defined as an opaque
            type, containing the 'Extension Fields' of the CGA."
       ::= { cgaRemoteEntry 5 }

   cgaRemoteCreated OBJECT-TYPE
       SYNTAX      TimeStamp
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The value of the sysUpTime object at the time this entry
            was created.  If this entry was created prior to the last
            re-initialization of the local network management
            subsystem, then this object contains a zero value."
       ::= { cgaRemoteEntry 6 }

   --
   -- conformance information
   --

   cgaMIBConformance OBJECT IDENTIFIER ::= { cgaMIB 2 }

   cgaMIBCompliances OBJECT IDENTIFIER ::= { cgaMIBConformance 1 }

   cgaMIBGroups      OBJECT IDENTIFIER ::= { cgaMIBConformance 2 }

   cgaMIBFullCompliance MODULE-COMPLIANCE
       STATUS      current
       DESCRIPTION
           "When this MIB is implemented for read-create access to
            the information related to the local CGA, the
            implementation can claim full compliance."
       MODULE  -- this module
       MANDATORY-GROUPS { cgaLocalGroup, cgaRemoteGroup }

       OBJECT cgaLocalRowStatus
       SYNTAX       RowStatus { active(1) }
       WRITE-SYNTAX RowStatus { active(1),
                                createAndGo(4), destroy(6) }
       DESCRIPTION
           "Support for createAndWait and notInService is not
            required."

       ::= { cgaMIBCompliances 1 }

   cgaMIBReadOnlyCompliance MODULE-COMPLIANCE
       STATUS      current
       DESCRIPTION
           "When this MIB is implemented without read-create access
            to the information related to the local CGA, the
            implementation can claim read-only compliance.

            In this case the cgaLocalPrivateKey may or may not be
            accessible."
       MODULE  -- this module
       MANDATORY-GROUPS { cgaLocalGroup, cgaRemoteGroup }

       OBJECT cgaLocalSpinLock
       MIN-ACCESS  not-accessible
       DESCRIPTION
           "An agent is not required to implement this object.
            However, if an agent provides write access to any of the
            other objects in the cgaLocalGroup, it SHOULD provide
            write access to this object as well."

       OBJECT cgaLocalModifier
       MIN-ACCESS  read-only
       DESCRIPTION
           "An agent is not required to provide write or create
            access to this object."

       OBJECT cgaLocalCollisionCount
       MIN-ACCESS  read-only
       DESCRIPTION
           "An agent is not required to provide write or create
            access to this object."

       OBJECT cgaLocalPublicKey
       MIN-ACCESS  read-only
       DESCRIPTION
           "An agent is not required to provide write or create
            access to this object."

       OBJECT cgaLocalPrivateKey
       MIN-ACCESS  not-accessible
       DESCRIPTION
           "An agent is not required to provide write or create
            access to this object.  Read access to this object is also
            not required.  If write access is not provided to other
            objects in the cgaLocalGroup, or for security reasons, the
            cgaLocalPrivateKey MAY not be readable."

       OBJECT cgaLocalExtensionFields
       MIN-ACCESS  read-only
       DESCRIPTION
           "An agent is not required to provide write or create
            access to this object."

       OBJECT cgaLocalStatus
       MIN-ACCESS  read-only
       DESCRIPTION
           "An agent is not required to provide write or create
            access to this object."

       OBJECT cgaLocalRowStatus
       SYNTAX      RowStatus { active(1) }
       MIN-ACCESS  read-only
       DESCRIPTION
           "An agent is not required to provide write or create
            access to this object.  In this case, the only value
            permitted is active(1)."

       OBJECT cgaLocalStorageType
       MIN-ACCESS  read-only
       DESCRIPTION
           "An agent is not required to provide write or create
            access to this object.  If an agent allows this object to
            be written or created, it is not required to allow this
            object to be set to readOnly, permanent, or nonVolatile."

       ::= { cgaMIBCompliances 2 }

   -- group definitions

   cgaLocalGroup OBJECT-GROUP
       OBJECTS {
           cgaLocalSpinLock, cgaLocalModifier, cgaLocalCollisionCount,
           cgaLocalPublicKey, cgaLocalPrivateKey,
           cgaLocalExtensionFields, cgaLocalStatus, cgaLocalAddrInfo,
           cgaLocalRowStatus, cgaLocalStorageType }
       STATUS      current
       DESCRIPTION
           "The group of the elements representing the components of
            the CGA Parameters data structure for the local node."
       ::= { cgaMIBGroups 1 }

   cgaRemoteGroup OBJECT-GROUP
       OBJECTS {
           cgaRemoteModifier, cgaRemoteCollisionCount,
           cgaRemotePublicKey, cgaRemoteExtensionFields,
           cgaRemoteCreated }
       STATUS      current
       DESCRIPTION
           "The group of the elements representing the components of
            the CGA Parameters data structure for remote nodes."
       ::= { cgaMIBGroups 2 }

   END

5.  Security Considerations

   This document defines a MIB module which could be used to configure
   CGA local to a node, which provide address ownership capabilities.
   Since this configuration affects the security services provided by
   other protocols (such as SEND or Shim6), access through a management
   protocol to this configuration data has to be carefully considered.

   This document specifies two MODULE-COMPLIANCE statements:
   cgaMIBFullCompliance, allowing read-create access to local CGA
   configuration, and cgaMIBReadOnlyCompliance, allowing read-only
   access to local CGA configuration and (optionally) no access to the
   private key of the local CGA, cgaLocalPrivateKey.  Therefore:

   1.  If read-only access is provided and cgaLocalPrivateKey is not-
       accessible, the information disclosed in the cgaLocalTable is
       the same information that CGA-aware protocols disclose to prove
       the identity of the node to other nodes communicating with it.
       In general, an attacker could obtain this information by using a
       CGA-aware protocol to request the CGA of the node.  However,
       filtering restrictions configured for these CGA-aware protocols
       may not be enforced in the same way at the management protocol.
       An additional concern is that an attacker could obtain the
       information about all the CGAs of a node without knowing any of
       them beforehand, since the attacker could use any address of the
       node (even one that is not a CGA) to retrieve the information
       about all of its CGAs.  In any case it must be noted that the
       information disclosed when this configuration is in use cannot
       be used to impersonate the identity of the node unless the
       CGA's public key becomes vulnerable to factoring attacks, since
       the private key is not made available.

   2.  If read-only access is provided for all the objects of the
       cgaLocalTable, including the cgaLocalPrivateKey columnar object,
       higher risks arise, since in this case any node accessing this
       information could impersonate the node even if CGA-aware
       security protocols are used.

   3.  If read-create access is provided to the rows of the
       cgaLocalTable, besides the risks of access to
       cgaLocalPrivateKey, an attacker can delete or disable the entry
       associated with a CGA to prevent the node from benefiting from
       the authentication facilities provided by the combination of the
       CGA addresses and CGA-aware protocols.  New CGAs can be
       introduced in the node, either to impersonate other nodes or to
       exhaust the resources of the node.

   The risks associated with the last two configuration scenarios are
   so high that the following statement is made: the access to the
   managed node SHOULD be as secure as or more secure than the services
   which are provided by the CGA.  Only authorized administrators SHOULD
   be allowed to configure a device.

   The risks associated with the access to the cgaRemoteTable are
   similar to the first case described when discussing the access to
   cgaLocalTable.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example, by using IPsec),
   there is no control as to who on the secure network is allowed to
   access and GET/SET (read/change/create/delete) the objects in this
   MIB module.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

6.  IANA Considerations

   The MIB module in this document uses the following IANA-assigned
   OBJECT IDENTIFIER values recorded in the SMI Numbers registry:

   Descriptor        OBJECT IDENTIFIER value
   ----------        -----------------------

   cgaMIB            { mib-2 XXX }

   Editor's Note (to be removed prior to publication): the IANA is
   requested to assign a value for "XXX" under the 'mib-2' subtree and
   to record the assignment in the SMI Numbers registry.  When the
   assignment has been made, the RFC Editor is asked to replace "XXX"
   (here and in the MIB module) with the assigned value and to remove
   this note.

7.  Acknowledgements

   The work of Alberto Garcia-Martinez was supported in part by the T2C2
   project (TIN2008-06739-C04-01, granted by the Spanish Science and
   Innovation Ministry).

   The authors would like to thank Suresh Krishnan for reviewing the
   document.

8.  References

8.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

   [RFC2579]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Textual Conventions for SMIv2",
              STD 58, RFC 2579, April 1999.

   [RFC2580]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Conformance Statements for SMIv2", STD 58, RFC 2580,
              April 1999.

   [RFC3279]  Bassham, L., Polk, W., and R. Housley, "Algorithms and
              Identifiers for the Internet X.509 Public Key
              Infrastructure Certificate and Certificate Revocation List
              (CRL) Profile", RFC 3279, April 2002.

   [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
              Housley, R., and W. Polk, "Internet X.509 Public Key
              Infrastructure Certificate and Certificate Revocation List
              (CRL) Profile", RFC 5280, May 2008.

   [RFC3971]  Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure
              Neighbor Discovery (SEND)", RFC 3971, March 2005.

   [RFC3972]  Aura, T., "Cryptographically Generated Addresses (CGA)",
              RFC 3972, March 2005.

   [RFC4001]  Daniele, M., Haberman, B., Routhier, S., and J.
              Schoenwaelder, "Textual Conventions for Internet Network
              Addresses", RFC 4001, February 2005.

   [RFC4293]  Routhier, S., "Management Information Base for the
              Internet Protocol (IP)", RFC 4293, April 2006.

   [RFC5533]  Nordmark, E. and M. Bagnulo, "Shim6: Level 3 Multihoming
              Shim Protocol for IPv6", RFC 5533, June 2009.

   [CCITT.X690.2002]
              International Telephone and Telegraph Consultative
              Committee, "ASN.1 encoding rules: Specification of Basic
              Encoding Rules (BER), Canonical Encoding Rules (CER) and
              Distinguished Encoding Rules (DER)", CCITT Recommendation
              X.690, July 2002.

8.2.  Informative References

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410, December 2002.

Authors' Addresses

   Alberto Garcia-Martinez
   Universidad Carlos III de Madrid
   Av. Universidad 30
   Leganes, Madrid 28911
   SPAIN

   Phone: 34 91 6249500
   Email: alberto@it.uc3m.es
   URI:   http://www.it.uc3m.es


   Marcelo Bagnulo
   U. Carlos III de Madrid
   Av. Universidad 30
   Leganes, Madrid 28911
   Spain

   Phone: +34 91 6248814
   Email: marcelo@it.uc3m.es
   URI:   http://www.it.uc3m.es/