idnits 2.17.1 draft-ietf-isms-dtls-tm-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See https://trustee.ietf.org/license-info/) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 362 has weird spacing: '...patcher v ...' == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (April 14, 2010) is 5127 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC-isms-dtls-tm' is mentioned on line 2596, but not defined ** Obsolete normative reference: RFC 4347 (Obsoleted by RFC 6347) ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446) -- Obsolete informational reference (is this intentional?): RFC 4366 (Obsoleted by RFC 5246, RFC 6066) Summary: 3 errors (**), 0 flaws (~~), 5 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 ISMS W. Hardaker 3 Internet-Draft Sparta, Inc. 4 Intended status: Standards Track April 14, 2010 5 Expires: October 16, 2010 7 Transport Layer Security (TLS) Transport Model for SNMP 8 draft-ietf-isms-dtls-tm-10.txt 10 Abstract 12 This document describes a Transport Model for the Simple Network 13 Management Protocol (SNMP), that uses either the Transport Layer 14 Security protocol or the Datagram Transport Layer Security (DTLS) 15 protocol. The TLS and DTLS protocols provide authentication and 16 privacy services for SNMP applications. This document describes how 17 the TLS Transport Model (TLSTM) implements the needed features of a 18 SNMP Transport Subsystem to make this protection possible in an 19 interoperable way. 21 This transport model is designed to meet the security and operational 22 needs of network administrators. It supports sending of SNMP 23 messages over TLS/TCP and DTLS/UDP. The TLS mode can make use of 24 TCP's improved support for larger packet sizes and the DTLS mode 25 provides potentially superior operation in environments where a 26 connectionless (e.g. UDP) transport is preferred. Both TLS and DTLS 27 integrate well into existing public keying infrastructures. 29 This document also defines a portion of the Management Information 30 Base (MIB) for use with network management protocols. In particular 31 it defines objects for managing the TLS Transport Model for SNMP. 33 Status of this Memo 35 This Internet-Draft is submitted to IETF in full conformance with the 36 provisions of BCP 78 and BCP 79. 38 Internet-Drafts are working documents of the Internet Engineering 39 Task Force (IETF), its areas, and its working groups. Note that 40 other groups may also distribute working documents as Internet- 41 Drafts. 43 Internet-Drafts are draft documents valid for a maximum of six months 44 and may be updated, replaced, or obsoleted by other documents at any 45 time. It is inappropriate to use Internet-Drafts as reference 46 material or to cite them other than as "work in progress." 48 The list of current Internet-Drafts can be accessed at 49 http://www.ietf.org/ietf/1id-abstracts.txt. 51 The list of Internet-Draft Shadow Directories can be accessed at 52 http://www.ietf.org/shadow.html. 54 This Internet-Draft will expire on October 16, 2010. 56 Copyright Notice 58 Copyright (c) 2010 IETF Trust and the persons identified as the 59 document authors. All rights reserved. 61 This document is subject to BCP 78 and the IETF Trust's Legal 62 Provisions Relating to IETF Documents 63 (http://trustee.ietf.org/license-info) in effect on the date of 64 publication of this document. Please review these documents 65 carefully, as they describe your rights and restrictions with respect 66 to this document. Code Components extracted from this document must 67 include Simplified BSD License text as described in Section 4.e of 68 the Trust Legal Provisions and are provided without warranty as 69 described in the BSD License. 71 This document may contain material from IETF Documents or IETF 72 Contributions published or made publicly available before November 73 10, 2008. The person(s) controlling the copyright in some of this 74 material may not have granted the IETF Trust the right to allow 75 modifications of such material outside the IETF Standards Process. 76 Without obtaining an adequate license from the person(s) controlling 77 the copyright in such materials, this document may not be modified 78 outside the IETF Standards Process, and derivative works of it may 79 not be created outside the IETF Standards Process, except to format 80 it for publication as an RFC or to translate it into languages other 81 than English. 83 Table of Contents 85 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 86 1.1. Conventions . . . . . . . . . . . . . . . . . . . . . . . 8 87 2. The Transport Layer Security Protocol . . . . . . . . . . . . 9 88 3. How the TLSTM fits into the Transport Subsystem . . . . . . . 9 89 3.1. Security Capabilities of this Model . . . . . . . . . . . 11 90 3.1.1. Threats . . . . . . . . . . . . . . . . . . . . . . . 11 91 3.1.2. Message Protection . . . . . . . . . . . . . . . . . . 12 92 3.1.3. (D)TLS Connections . . . . . . . . . . . . . . . . . . 13 93 3.2. Security Parameter Passing . . . . . . . . . . . . . . . . 14 94 3.3. Notifications and Proxy . . . . . . . . . . . . . . . . . 14 95 4. Elements of the Model . . . . . . . . . . . . . . . . . . . . 15 96 4.1. X.509 Certificates . . . . . . . . . . . . . . . . . . . . 15 97 4.1.1. Provisioning for the Certificate . . . . . . . . . . . 15 98 4.2. (D)TLS Usage . . . . . . . . . . . . . . . . . . . . . . . 17 99 4.3. SNMP Services . . . . . . . . . . . . . . . . . . . . . . 17 100 4.3.1. SNMP Services for an Outgoing Message . . . . . . . . 18 101 4.3.2. SNMP Services for an Incoming Message . . . . . . . . 18 102 4.4. Cached Information and References . . . . . . . . . . . . 19 103 4.4.1. TLS Transport Model Cached Information . . . . . . . . 19 104 4.4.1.1. tmSecurityName . . . . . . . . . . . . . . . . . . 20 105 4.4.1.2. tmSessionID . . . . . . . . . . . . . . . . . . . 20 106 4.4.1.3. Session State . . . . . . . . . . . . . . . . . . 20 107 5. Elements of Procedure . . . . . . . . . . . . . . . . . . . . 20 108 5.1. Procedures for an Incoming Message . . . . . . . . . . . . 21 109 5.1.1. DTLS over UDP Processing for Incoming Messages . . . . 21 110 5.1.2. Transport Processing for Incoming SNMP Messages . . . 23 111 5.2. Procedures for an Outgoing SNMP Message . . . . . . . . . 24 112 5.3. Establishing or Accepting a Session . . . . . . . . . . . 25 113 5.3.1. Establishing a Session as a Client . . . . . . . . . . 26 114 5.3.2. Accepting a Session as a Server . . . . . . . . . . . 28 115 5.4. Closing a Session . . . . . . . . . . . . . . . . . . . . 29 116 6. MIB Module Overview . . . . . . . . . . . . . . . . . . . . . 29 117 6.1. Structure of the MIB Module . . . . . . . . . . . . . . . 29 118 6.2. Textual Conventions . . . . . . . . . . . . . . . . . . . 29 119 6.3. Statistical Counters . . . . . . . . . . . . . . . . . . . 30 120 6.4. Configuration Tables . . . . . . . . . . . . . . . . . . . 30 121 6.4.1. Notifications . . . . . . . . . . . . . . . . . . . . 30 122 6.5. Relationship to Other MIB Modules . . . . . . . . . . . . 30 123 6.5.1. MIB Modules Required for IMPORTS . . . . . . . . . . . 30 124 7. MIB Module Definition . . . . . . . . . . . . . . . . . . . . 31 125 8. Operational Considerations . . . . . . . . . . . . . . . . . . 52 126 8.1. Sessions . . . . . . . . . . . . . . . . . . . . . . . . . 52 127 8.2. Notification Receiver Credential Selection . . . . . . . . 53 128 8.3. contextEngineID Discovery . . . . . . . . . . . . . . . . 53 129 8.4. Transport Considerations . . . . . . . . . . . . . . . . . 54 130 9. Security Considerations . . . . . . . . . . . . . . . . . . . 54 131 9.1. Certificates, Authentication, and Authorization . . . . . 54 132 9.2. Use with SNMPv1/SNMPv2c Messages . . . . . . . . . . . . . 55 133 9.3. MIB Module Security . . . . . . . . . . . . . . . . . . . 55 134 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 57 135 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 58 136 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 58 137 12.1. Normative References . . . . . . . . . . . . . . . . . . . 58 138 12.2. Informative References . . . . . . . . . . . . . . . . . . 59 139 Appendix A. Target and Notification Configuration Example . . . . 60 140 A.1. Configuring the Notification Originator . . . . . . . . . 61 141 A.2. Configuring the Command Responder . . . . . . . . . . . . 62 142 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 63 144 1. Introduction 146 It is important to understand the modular SNMPv3 architecture as 147 defined by [RFC3411] and enhanced by the Transport Subsystem 148 [RFC5590]. It is also important to understand the terminology of the 149 SNMPv3 architecture in order to understand where the Transport Model 150 described in this document fits into the architecture and how it 151 interacts with the other architecture subsystems. For a detailed 152 overview of the documents that describe the current Internet-Standard 153 Management Framework, please refer to Section 7 of [RFC3410]. 155 This document describes a Transport Model that makes use of the 156 Transport Layer Security (TLS) [RFC5246] and the Datagram Transport 157 Layer Security (DTLS) Protocol [RFC4347], within a transport 158 subsystem [RFC5590]. DTLS is the datagram variant of the Transport 159 Layer Security (TLS) protocol [RFC5246]. The Transport Model in this 160 document is referred to as the Transport Layer Security Transport 161 Model (TLSTM). TLS and DTLS take advantage of the X.509 public 162 keying infrastructure [RFC5280]. While (D)TLS supports multiple 163 authentication mechanisms, this document only discusses X.509 164 certificate based authentication. Although other forms of 165 authentication are possible they are outside the scope of this 166 specification. This transport model is designed to meet the security 167 and operational needs of network administrators, operating in both 168 environments where a connectionless (e.g. UDP) transport is 169 preferred and in environments where large quantities of data need to 170 be sent (e.g. over a TCP based stream). Both TLS and DTLS integrate 171 well into existing public keying infrastructures. This document 172 supports sending of SNMP messages over TLS/TCP and DTLS/UDP. 174 This document also defines a portion of the Management Information 175 Base (MIB) for use with network management protocols. In particular 176 it defines objects for managing the TLS Transport Model for SNMP. 178 Managed objects are accessed via a virtual information store, termed 179 the Management Information Base or MIB. MIB objects are generally 180 accessed through the Simple Network Management Protocol (SNMP). 181 Objects in the MIB are defined using the mechanisms defined in the 182 Structure of Management Information (SMI). This memo specifies a MIB 183 module that is compliant to the SMIv2, which is described in STD 58: 184 [RFC2578], [RFC2579] and [RFC2580]. 186 The diagram shown below gives a conceptual overview of two SNMP 187 entities communicating using the TLS Transport Model (shown as "TLS 188 TM"). One entity contains a command responder and notification 189 originator application, and the other a command generator and 190 notification responder application. It should be understood that 191 this particular mix of application types is an example only and other 192 combinations are equally valid. Note: this diagram shows the 193 Transport Security Model (TSM) being used as the security model which 194 is defined in [RFC5591]. 196 +---------------------------------------------------------------------+ 197 | Network | 198 +---------------------------------------------------------------------+ 199 ^ | ^ | 200 |Notifications |Commands |Commands |Notifications 201 +---|---------------------|-------+ +--|---------------|--------------+ 202 | | V | | | V | 203 | +------------+ +------------+ | | +-----------+ +----------+ | 204 | | (D)TLS | | (D)TLS | | | | (D)TLS | | (D)TLS | | 205 | | (Client) | | (Server) | | | | (Client) | | (Server) | | 206 | +------------+ +------------+ | | +-----------+ +----------+ | 207 | ^ ^ | | ^ ^ | 208 | | | | | | | | 209 | +-------------+ | | +--------------+ | 210 | +-----|------------+ | | +-----|------------+ | 211 | | V | | | | V | | 212 | | +--------+ | +-----+ | | | +--------+ | +-----+ | 213 | | | TLS TM |<--------->|Cache| | | | | TLS TM |<--------->|Cache| | 214 | | +--------+ | +-----+ | | | +--------+ | +-----+ | 215 | |Transport Subsys. | ^ | | |Transport Subsys. | ^ | 216 | +------------------+ | | | +------------------+ | | 217 | ^ | | | ^ | | 218 | | +--+ | | | +--+ | 219 | v | | | V | | 220 | +-----+ +--------+ +-------+ | | | +-----+ +--------+ +-------+ | | 221 | | | |Message | |Securi.| | | | | | |Message | |Securi.| | | 222 | |Disp.| |Proc. | |Subsys.| | | | |Disp.| |Proc. | |Subsys.| | | 223 | | | |Subsys. | | | | | | | | |Subsys. | | | | | 224 | | | | | | | | | | | | | | | | | | 225 | | | | +----+ | | +---+ | | | | | | | +----+ | | +---+ | | | 226 | | <--->|v3MP|<--> |TSM|<--+ | | | <--->|v3MP|<--->|TSM|<--+ | 227 | | | | +----+ | | +---+ | | | | | | +----+ | | +---+ | | 228 | | | | | | | | | | | | | | | | 229 | +-----+ +--------+ +-------+ | | +-----+ +--------+ +-------+ | 230 | ^ | | ^ | 231 | | | | | | 232 | +-+------------+ | | +-+----------+ | 233 | | | | | | | | 234 | v v | | v V | 235 | +-------------+ +-------------+ | | +-------------+ +-------------+ | 236 | | COMMAND | | NOTIFICAT. | | | | COMMAND | | NOTIFICAT. | | 237 | | RESPONDER | | ORIGINATOR | | | | GENERATOR | | RECEIVER | | 238 | | application | | application | | | | application | | application | | 239 | +-------------+ +-------------+ | | +-------------+ +-------------+ | 240 | SNMP entity | | SNMP entity | 241 +---------------------------------+ +---------------------------------+ 243 1.1. Conventions 245 For consistency with SNMP-related specifications, this document 246 favors terminology as defined in STD 62, rather than favoring 247 terminology that is consistent with non-SNMP specifications. This is 248 consistent with the IESG decision to not require the SNMPv3 249 terminology be modified to match the usage of other non-SNMP 250 specifications when SNMPv3 was advanced to Full Standard. 252 "Authentication" in this document typically refers to the English 253 meaning of "serving to prove the authenticity of" the message, not 254 data source authentication or peer identity authentication. 256 The terms "manager" and "agent" are not used in this document 257 because, in the [RFC3411] architecture, all SNMP entities have the 258 capability of acting as manager, agent, or both depending on the SNMP 259 application types supported in the implementation. Where distinction 260 is required, the application names of command generator, command 261 responder, notification originator, notification receiver, and proxy 262 forwarder are used. See "SNMP Applications" [RFC3413] for further 263 information. 265 Large portions of this document simultaneously refer to both TLS and 266 DTLS when discussing TLSTM components that function equally with 267 either protocol. "(D)TLS" is used in these places to indicate that 268 the statement applies to either or both protocols as appropriate. 269 When a distinction between the protocols is needed they are referred 270 to independently through the use of "TLS" or "DTLS". The Transport 271 Model, however, is named "TLS Transport Model" and refers not to the 272 TLS or DTLS protocol but to the standard defined in this document, 273 which includes support for both TLS and DTLS. 275 Throughout this document, the terms "client" and "server" are used to 276 refer to the two ends of the (D)TLS transport connection. The client 277 actively opens the (D)TLS connection, and the server passively 278 listens for the incoming (D)TLS connection. An SNMP entity may act 279 as a (D)TLS client or server or both, depending on the SNMP 280 applications supported. 282 The User-Based Security Model (USM) [RFC3414] is a mandatory-to- 283 implement Security Model in STD 62. While (D)TLS and USM frequently 284 refer to a user, the terminology preferred in RFC3411 and in this 285 memo is "principal". A principal is the "who" on whose behalf 286 services are provided or processing takes place. A principal can be, 287 among other things, an individual acting in a particular role; a set 288 of individuals, with each acting in a particular role; an application 289 or a set of applications, or a combination of these within an 290 administrative domain. 292 Throughout this document, the term "session" is used to refer to a 293 secure association between two TLS Transport Models that permits the 294 transmission of one or more SNMP messages within the lifetime of the 295 session. The (D)TLS protocols also have an internal notion of a 296 session and although these two concepts of a session are related, 297 when the term "session" is used this document is referring to the 298 TLSTM's specific session and not directly to the (D)TLS protocol's 299 session. 301 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 302 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 303 document are to be interpreted as described in [RFC2119]. 305 2. The Transport Layer Security Protocol 307 (D)TLS provides authentication, data message integrity, and privacy 308 at the transport layer. (See [RFC4347]) 310 The primary goals of the TLS Transport Model are to provide privacy, 311 peer identity authentication and data integrity between two 312 communicating SNMP entities. The TLS and DTLS protocols provide a 313 secure transport upon which the TLSTM is based. Please refer to 314 [RFC5246] and [RFC4347] for complete descriptions of the protocols. 316 3. How the TLSTM fits into the Transport Subsystem 318 A transport model is a component of the Transport Subsystem. The TLS 319 Transport Model thus fits between the underlying (D)TLS transport 320 layer and the Message Dispatcher [RFC3411] component of the SNMP 321 engine and the Transport Subsystem. 323 The TLS Transport Model will establish a session between itself and 324 the TLS Transport Model of another SNMP engine. The sending 325 transport model passes unencrypted and unauthenticated messages from 326 the Dispatcher to (D)TLS to be encrypted and authenticated, and the 327 receiving transport model accepts decrypted and authenticated/ 328 integrity-checked incoming messages from (D)TLS and passes them to 329 the Dispatcher. 331 After a TLS Transport Model session is established, SNMP messages can 332 conceptually be sent through the session from one SNMP message 333 Dispatcher to another SNMP Message Dispatcher. If multiple SNMP 334 messages are needed to be passed between two SNMP applications they 335 MAY be passed through the same session. A TLSTM implementation 336 engine MAY choose to close the session to conserve resources. 338 The TLS Transport Model of an SNMP engine will perform the 339 translation between (D)TLS-specific security parameters and SNMP- 340 specific, model-independent parameters. 342 The diagram below depicts where the TLS Transport Model (shown as 343 "(D)TLS TM") fits into the architecture described in RFC3411 and the 344 Transport Subsystem: 346 +------------------------------+ 347 | Network | 348 +------------------------------+ 349 ^ ^ ^ 350 | | | 351 v v v 352 +-------------------------------------------------------------------+ 353 | +--------------------------------------------------+ | 354 | | Transport Subsystem | +--------+ | 355 | | +-----+ +-----+ +-------+ +-------+ | | | | 356 | | | UDP | | SSH | |(D)TLS | . . . | other |<--->| Cache | | 357 | | | | | TM | | TM | | | | | | | 358 | | +-----+ +-----+ +-------+ +-------+ | +--------+ | 359 | +--------------------------------------------------+ ^ | 360 | ^ | | 361 | | | | 362 | Dispatcher v | | 363 | +--------------+ +---------------------+ +----------------+ | | 364 | | Transport | | Message Processing | | Security | | | 365 | | Dispatch | | Subsystem | | Subsystem | | | 366 | | | | +------------+ | | +------------+ | | | 367 | | | | +->| v1MP |<--->| | USM | | | | 368 | | | | | +------------+ | | +------------+ | | | 369 | | | | | +------------+ | | +------------+ | | | 370 | | | | +->| v2cMP |<--->| | Transport | | | | 371 | | Message | | | +------------+ | | | Security |<--+ | 372 | | Dispatch <---->| +------------+ | | | Model | | | 373 | | | | +->| v3MP |<--->| +------------+ | | 374 | | | | | +------------+ | | +------------+ | | 375 | | PDU Dispatch | | | +------------+ | | | Other | | | 376 | +--------------+ | +->| otherMP |<--->| | Model(s) | | | 377 | ^ | +------------+ | | +------------+ | | 378 | | +---------------------+ +----------------+ | 379 | v | 380 | +-------+-------------------------+---------------+ | 381 | ^ ^ ^ | 382 | | | | | 383 | v v v | 384 | +-------------+ +---------+ +--------------+ +-------------+ | 385 | | COMMAND | | ACCESS | | NOTIFICATION | | PROXY | | 386 | | RESPONDER |<->| CONTROL |<->| ORIGINATOR | | FORWARDER | | 387 | | application | | | | applications | | application | | 388 | +-------------+ +---------+ +--------------+ +-------------+ | 389 | ^ ^ | 390 | | | | 391 | v v | 392 | +----------------------------------------------+ | 393 | | MIB instrumentation | SNMP entity | 394 +-------------------------------------------------------------------+ 396 3.1. Security Capabilities of this Model 398 3.1.1. Threats 400 The TLS Transport Model provides protection against the threats 401 identified by the RFC 3411 architecture [RFC3411]: 403 1. Modification of Information - The modification threat is the 404 danger that an unauthorized entity may alter in-transit SNMP 405 messages generated on behalf of an authorized principal in such a 406 way as to effect unauthorized management operations, including 407 falsifying the value of an object. 409 (D)TLS provides verification that the content of each received 410 message has not been modified during its transmission through the 411 network, data has not been altered or destroyed in an 412 unauthorized manner, and data sequences have not been altered to 413 an extent greater than can occur non-maliciously. 415 2. Masquerade - The masquerade threat is the danger that management 416 operations unauthorized for a given principal may be attempted by 417 assuming the identity of another principal that has the 418 appropriate authorizations. 420 The TLSTM verifies of the identity of the (D)TLS server through 421 the use of the (D)TLS protocol and X.509 certificates. A TLS 422 Transport Model implementation MUST support authentication of 423 both the server and the client. 425 3. Message stream modification - The re-ordering, delay or replay of 426 messages can and does occur through the natural operation of many 427 connectionless transport services. The message stream 428 modification threat is the danger that messages may be 429 maliciously re-ordered, delayed or replayed to an extent which is 430 greater than can occur through the natural operation of 431 connectionless transport services, in order to effect 432 unauthorized management operations. 434 (D)TLS provides replay protection with a MAC that includes a 435 sequence number. Since UDP provides no sequencing ability, DTLS 436 uses a sliding window protocol with the sequence number used for 437 replay protection (see [RFC4347]). 439 4. Disclosure - The disclosure threat is the danger of eavesdropping 440 on the exchanges between SNMP engines. 442 (D)TLS provides protection against the disclosure of information 443 to unauthorized recipients or eavesdroppers by allowing for 444 encryption of all traffic between SNMP engines. A TLS Transport 445 Model implementation SHOULD support message encryption to protect 446 sensitive data from eavesdropping attacks. 448 5. Denial of Service - the RFC 3411 architecture [RFC3411] states 449 that denial of service (DoS) attacks need not be addressed by an 450 SNMP security protocol. However, connectionless transports (like 451 DTLS over UDP) are susceptible to a variety of denial of service 452 attacks because they are more vulnerable to spoofed IP addresses. 453 See Section 4.2 for details how the cookie mechanism is used. 454 Note, however, that this mechanism does not provide any defense 455 against denial of service attacks mounted from valid IP 456 addresses. 458 See Section 9 for more detail on the security considerations 459 associated with the TLSTM and these security threats. 461 3.1.2. Message Protection 463 The RFC 3411 architecture recognizes three levels of security: 465 o without authentication and without privacy (noAuthNoPriv) 467 o with authentication but without privacy (authNoPriv) 469 o with authentication and with privacy (authPriv) 471 The TLS Transport Model determines from (D)TLS the identity of the 472 authenticated principal, the transport type and the transport address 473 associated with an incoming message. The TLS Transport Model 474 provides the identity and destination type and address to (D)TLS for 475 outgoing messages. 477 When an application requests a session for a message it also requests 478 a security level for that session. The TLS Transport Model MUST 479 ensure that the (D)TLS connection provides security at least as high 480 as the requested level of security. How the security level is 481 translated into the algorithms used to provide data integrity and 482 privacy is implementation-dependent. However, the NULL integrity and 483 encryption algorithms MUST NOT be used to fulfill security level 484 requests for authentication or privacy. Implementations MAY choose 485 to force (D)TLS to only allow cipher_suites that provide both 486 authentication and privacy to guarantee this assertion. 488 If a suitable interface between the TLS Transport Model and the 489 (D)TLS Handshake Protocol is implemented to allow the selection of 490 security level dependent algorithms (for example a security level to 491 cipher_suites mapping table) then different security levels may be 492 utilized by the application. 494 The authentication, integrity and privacy algorithms used by the 495 (D)TLS Protocols may vary over time as the science of cryptography 496 continues to evolve and the development of (D)TLS continues over 497 time. Implementers are encouraged to plan for changes in operator 498 trust of particular algorithms. Implementations should offer 499 configuration settings for mapping algorithms to SNMPv3 security 500 levels. 502 3.1.3. (D)TLS Connections 504 (D)TLS connections are opened by the TLS Transport Model during the 505 elements of procedure for an outgoing SNMP message. Since the sender 506 of a message initiates the creation of a (D)TLS connection if needed, 507 the (D)TLS connection will already exist for an incoming message. 509 Implementations MAY choose to instantiate (D)TLS connections in 510 anticipation of outgoing messages. This approach might be useful to 511 ensure that a (D)TLS connection to a given target can be established 512 before it becomes important to send a message over the (D)TLS 513 connection. Of course, there is no guarantee that a pre-established 514 session will still be valid when needed. 516 DTLS connections, when used over UDP, are uniquely identified within 517 the TLS Transport Model by the combination of transportDomain, 518 transportAddress, tmSecurityName, and requestedSecurityLevel 519 associated with each session. Each unique combination of these 520 parameters MUST have a locally-chosen unique tlstmSessionID for each 521 active session. For further information see Section 5. TLS over TCP 522 sessions, on the other hand, do not require a unique pairing of 523 address and port attributes since their lower layer protocols (TCP) 524 already provide adequate session framing. But they must still 525 provide a unique tlstmSessionID for referencing the session. 527 The tlstmSessionID identifier MUST NOT change during the entire 528 duration of the session from the TLSTM's perspective, and MUST 529 uniquely identify a single session. As an implementation hint: note 530 that the (D)TLS internal SessionID does not meet these requirements, 531 since it can change over the life of the connection as seen by the 532 TLSTM (for example, during renegotiation), and does not necessarily 533 uniquely idenfify a TLSTM session (there can be multiple TLSTM 534 sessions sharing the same D(TLS) internal SessionID). 536 3.2. Security Parameter Passing 538 For the (D)TLS server-side, (D)TLS-specific security parameters 539 (i.e., cipher_suites, X.509 certificate fields, IP address and port) 540 are translated by the TLS Transport Model into security parameters 541 for the TLS Transport Model and security model (e.g., 542 tmSecurityLevel, tmSecurityName, transportDomain, transportAddress). 543 The transport-related and (D)TLS-security-related information, 544 including the authenticated identity, are stored in a cache 545 referenced by tmStateReference. 547 For the (D)TLS client-side, the TLS Transport Model takes input 548 provided by the Dispatcher in the sendMessage() Abstract Service 549 Interface (ASI) and input from the tmStateReference cache. The 550 (D)TLS Transport Model converts that information into suitable 551 security parameters for (D)TLS and establishes sessions as needed. 553 The elements of procedure in Section 5 discuss these concepts in much 554 greater detail. 556 3.3. Notifications and Proxy 558 (D)TLS connections may be initiated by (D)TLS clients on behalf of 559 SNMP appplications that initiate communications, such as command 560 generators, notification originators, proxy forwarders. Command 561 generators are frequently operated by a human, but notification 562 originators and proxy forwarders are usually unmanned automated 563 processes. The targets to whom notifications and proxied requests 564 should be sent is typically determined and configured by a network 565 administrator. 567 The SNMP-TARGET-MIB module [RFC3413] contains objects for defining 568 management targets, including transportDomain, transportAddress, 569 securityName, securityModel, and securityLevel parameters, for 570 notification originator, proxy forwarder, and SNMP-controllable 571 command generator applications. Transport domains and transport 572 addresses are configured in the snmpTargetAddrTable, and the 573 securityModel, securityName, and securityLevel parameters are 574 configured in the snmpTargetParamsTable. This document defines a MIB 575 module that extends the SNMP-TARGET-MIB's snmpTargetParamsTable to 576 specify a (D)TLS client-side certificate to use for the connection. 578 When configuring a (D)TLS target, the snmpTargetAddrTDomain and 579 snmpTargetAddrTAddress parameters in snmpTargetAddrTable should be 580 set to the snmpTLSTCPDomain or snmpDTLSUDPDomain object and an 581 appropriate snmpTLSAddress value. When used with the SNMPv3 message 582 processing model, the snmpTargetParamsMPModel column of the 583 snmpTargetParamsTable should be set to a value of 3. The 584 snmpTargetParamsSecurityName should be set to an appropriate 585 securityName value and the snmpTlstmParamsClientFingerprint parameter 586 of the snmpTlstmParamsTable should be set a value that refers to a 587 locally held certificate (and the corresponding private key) to be 588 used. Other parameters, for example cryptographic configuration such 589 as which cipher suites to use, must come from configuration 590 mechanisms not defined in this document. 592 The securityName defined in the snmpTargetParamsSecurityName column 593 will be used by the access control model to authorize any 594 notifications that need to be sent. 596 4. Elements of the Model 598 This section contains definitions required to realize the (D)TLS 599 Transport Model defined by this document. 601 4.1. X.509 Certificates 603 (D)TLS can make use of X.509 certificates for authentication of both 604 sides of the transport. This section discusses the use of X.509 605 certificates in the TLSTM. 607 While (D)TLS supports multiple authentication mechanisms, this 608 document only discusses X.509 certificate based authentication; other 609 forms of authentication are are outside the scope of this 610 specification. TLSTM implementations are REQUIRED to support X.509 611 certificates. 613 4.1.1. Provisioning for the Certificate 615 Authentication using (D)TLS will require that SNMP entities have 616 certificates, either signed by trusted certification authorities, or 617 self-signed. Furthermore, SNMP entities will most commonly need to 618 be provisioned with root certificates which represent the list of 619 trusted certificate authorities that an SNMP entity can use for 620 certificate verification. SNMP entities SHOULD also be provisioned 621 with a X.509 certificate revocation mechanism which can be used to 622 verify that a certificate has not been revoked. Trusted public keys 623 from either CA certificates and/or self-signed certificates MUST be 624 installed into the server through a trusted out of band mechanism and 625 their authenticity MUST be verified before access is granted. 627 Having received a certificate from a connecting TLSTM client, the 628 authenticated tmSecurityName of the principal is derived using the 629 snmpTlstmCertToTSNTable. This table allows mapping of incoming 630 connections to tmSecurityNames through defined transformations. The 631 transformations defined in the SNMP-TLS-TM-MIB include: 633 o Mapping a certificate's subjectAltName or CommonName components to 634 a tmSecurityName, or 636 o Mapping a certificate's fingerprint value to a directly specified 637 tmSecurityName 639 As an implementation hint: implementations may choose to discard any 640 connections for which no potential snmpTlstmCertToTSNTable mapping 641 exists before performing certificate verification to avoid expending 642 computational resources associated with certificate verification. 644 Enterprise configurations are encouraged to map a "subjectAltName" 645 component of the X.509 certificate to the TLSTM specific 646 tmSecurityName. The authenticated identity can be obtained by the 647 TLS Transport Model by extracting the subjectAltName(s) from the 648 peer's certificate. The receiving application will then have an 649 appropriate tmSecurityName for use by other SNMPv3 components like an 650 access control model. 652 An example of this type of mapping setup can be found in Appendix A. 654 This tmSecurityName may be later translated from a TLSTM specific 655 tmSecurityName to a SNMP engine securityName by the security model. 656 A security model, like the TSM security model [RFC5591], may perform 657 an identity mapping or a more complex mapping to derive the 658 securityName from the tmSecurityName offered by the TLS Transport 659 Model. 661 A pictorial view of the complete transformation process (using the 662 TSM security model for the example) is shown below: 664 +-------------+ +-------+ +-----+ 665 | Certificate | | | | | 666 | Path | | TLSTM | tmSecurityName | TSM | 667 | Validation | --> | | ----------------->| | 668 +-------------+ +-------+ +-----+ 669 | 670 | securityName 671 V 672 +-------------+ 673 | application | 674 +-------------+ 676 4.2. (D)TLS Usage 678 (D)TLS MUST negotiate a cipher suite that uses X.509 certificates for 679 authentication, and MUST authenticate both the client and the server. 680 The mandatory-to-implement cipher suite is specified in the TLS 681 specification [RFC5246]. 683 TLSTM verifies the certificates when the connection is opened (see 684 Section 5.3). For this reason, TLS renegotiation with different 685 certificates MUST NOT be done. That is, implementations MUST either 686 disable renegotiation completely (RECOMMENDED), or MUST present the 687 same certificate during renegotiation (and MUST verify that the other 688 end presented the same certificate). 690 For DTLS over UDP, each SNMP message MUST be placed in a single UDP 691 datagram; it MAY be split to multiple DTLS records. In other words, 692 if a single datagram contains multiple DTLS application_data records, 693 they are concatenated when received. The TLSTM implementation SHOULD 694 return an error if the SNMP message does not fit in the UDP datagram, 695 and thus cannot be sent. 697 For DTLS over UDP, the DTLS server implementation MUST support DTLS 698 cookies ([RFC4347] already requires that clients support DTLS 699 cookies). Implementations are not required to perform the cookie 700 exchange for every DTLS handshake; however, enabling it by default is 701 RECOMMENDED. 703 For DTLS, replay protection MUST be used. 705 4.3. SNMP Services 707 This section describes the services provided by the TLS Transport 708 Model with their inputs and outputs. The services are between the 709 Transport Model and the Dispatcher. 711 The services are described as primitives of an abstract service 712 interface (ASI) and the inputs and outputs are described as abstract 713 data elements as they are passed in these abstract service 714 primitives. 716 4.3.1. SNMP Services for an Outgoing Message 718 The Dispatcher passes the information to the TLS Transport Model 719 using the ASI defined in the transport subsystem: 721 statusInformation = 722 sendMessage( 723 IN destTransportDomain -- transport domain to be used 724 IN destTransportAddress -- transport address to be used 725 IN outgoingMessage -- the message to send 726 IN outgoingMessageLength -- its length 727 IN tmStateReference -- reference to transport state 728 ) 730 The abstract data elements returned from or passed as parameters into 731 the abstract service primitives are as follows: 733 statusInformation: An indication of whether the sending of the 734 message was successful. If not, it is an indication of the 735 problem. 737 destTransportDomain: The transport domain for the associated 738 destTransportAddress. The Transport Model uses this parameter to 739 determine the transport type of the associated 740 destTransportAddress. This document specifies the 741 snmpTLSTCPDomain and the snmpDTLSUDPDomain transport domains. 743 destTransportAddress: The transport address of the destination TLS 744 Transport Model in a format specified by the SnmpTLSAddress 745 TEXTUAL-CONVENTION. 747 outgoingMessage: The outgoing message to send to (D)TLS for 748 encapsulation and transmission. 750 outgoingMessageLength: The length of the outgoingMessage field. 752 tmStateReference: A reference to tmState to be used when securing 753 outgoing messages. 755 4.3.2. SNMP Services for an Incoming Message 757 The TLS Transport Model processes the received message from the 758 network using the (D)TLS service and then passes it to the Dispatcher 759 using the following ASI: 761 statusInformation = 762 receiveMessage( 763 IN transportDomain -- origin transport domain 764 IN transportAddress -- origin transport address 765 IN incomingMessage -- the message received 766 IN incomingMessageLength -- its length 767 IN tmStateReference -- reference to transport state 768 ) 770 The abstract data elements returned from or passed as parameters into 771 the abstract service primitives are as follows: 773 statusInformation: An indication of whether the passing of the 774 message was successful. If not, it is an indication of the 775 problem. 777 transportDomain: The transport domain for the associated 778 transportAddress. This document specifies the snmpTLSTCPDomain 779 and the snmpDTLSUDPDomain transport domains. 781 transportAddress: The transport address of the source of the 782 received message in a format specified by the SnmpTLSAddress 783 TEXTUAL-CONVENTION. 785 incomingMessage: The whole SNMP message after being processed by 786 (D)TLS and the (D)TLS transport layer data has been removed. 788 incomingMessageLength: The length of the incomingMessage field. 790 tmStateReference: A reference to tmSecurityData to be used by the 791 security model. 793 4.4. Cached Information and References 795 When performing SNMP processing, there are two levels of state 796 information that may need to be retained: the immediate state linking 797 a request-response pair, and potentially longer-term state relating 798 to transport and security. "Transport Subsystem for the Simple 799 Network Management Protocol" [RFC5590] defines general requirements 800 for caches and references. 802 4.4.1. TLS Transport Model Cached Information 804 The TLS Transport Model has specific responsibilities regarding the 805 cached information. See the Elements of Procedure in Section 5 for 806 detailed processing instructions on the use of the tmStateReference 807 fields by the TLS Transport Model. 809 4.4.1.1. tmSecurityName 811 The tmSecurityName MUST be a human-readable name (in snmpAdminString 812 format) representing the identity that has been set according to the 813 procedures in Section 5. The tmSecurityName MUST be constant for all 814 traffic passing through an TLSTM session. Messages MUST NOT be sent 815 through an existing (D)TLS connection that was established using a 816 different tmSecurityName. 818 On the (D)TLS server side of a connection the tmSecurityName is 819 derived using the procedures described in Section 5.3.2 and the SNMP- 820 TLS-TM-MIB's snmpTlstmCertToTSNTable DESCRIPTION clause. 822 On the (D)TLS client side of a connection the tmSecurityName is 823 presented to the TLS Transport Model by the application (possibly 824 because of configuration specified in the SNMP-TARGET-MIB). 826 The securityName MAY be derived from the tmSecurityName by a Security 827 Model and MAY be used to configure notifications and access controls 828 in MIB modules. Transport Models SHOULD generate a predictable 829 tmSecurityName so operators will know what to use when configuring 830 MIB modules that use securityNames derived from tmSecurityNames. The 831 TLSTM generates predictable tmSecurityNames based on the 832 configuration found in the SNMP-TLS-TM-MIB's snmpTlstmCertToTSNTable 833 and relies on the network operators to have configured this table 834 appropriately. 836 4.4.1.2. tmSessionID 838 The tmSessionID MUST be recorded per message at the time of receipt. 839 When tmSameSecurity is set, the recorded tmSessionID can be used to 840 determine whether the (D)TLS connection available for sending a 841 corresponding outgoing message is the same (D)TLS connection as was 842 used when receiving the incoming message (e.g., a response to a 843 request). 845 4.4.1.3. Session State 847 The per-session state that is referenced by tmStateReference may be 848 saved across multiple messages in a Local Configuration Datastore. 849 Additional session/connection state information might also be stored 850 in a Local Configuration Datastore. 852 5. Elements of Procedure 854 Abstract service interfaces have been defined by [RFC3411] and 855 further augmented by [RFC5590] to describe the conceptual data flows 856 between the various subsystems within an SNMP entity. The TLSTM uses 857 some of these conceptual data flows when communicating between 858 subsystems. 860 To simplify the elements of procedure, the release of state 861 information is not always explicitly specified. As a general rule, 862 if state information is available when a message gets discarded, the 863 message-state information should also be released. If state 864 information is available when a session is closed, the session state 865 information should also be released. Sensitive information, like 866 cryptographic keys, should be overwritten appropriately prior to 867 being released. 869 An error indication in statusInformation will typically include the 870 Object Identifier (OID) and value for an incremented error counter. 871 This may be accompanied by the requested securityLevel and the 872 tmStateReference. Per-message context information is not accessible 873 to Transport Models, so for the returned counter OID and value, 874 contextEngine would be set to the local value of snmpEngineID and 875 contextName to the default context for error counters. 877 5.1. Procedures for an Incoming Message 879 This section describes the procedures followed by the (D)TLS 880 Transport Model when it receives a (D)TLS protected packet. The 881 required functionality is broken into two different sections. 883 Section 5.1.1 describes the processing required for de-multiplexing 884 multiple DTLS connections, which is specifically needed for DTLS over 885 UDP sessions. It is assumed that TLS protocol implementations 886 already provide appropriate message demultiplexing. 888 Section 5.1.2 describes the transport processing required once the 889 (D)TLS processing has been completed. This will be needed for all 890 (D)TLS-based connections. 892 5.1.1. DTLS over UDP Processing for Incoming Messages 894 For connection-oriented transport protocols, such as TCP, the 895 transport protocol takes care of demultiplexing incoming packets to 896 the right connection. Depending on the DTLS implementation, for DTLS 897 over UDP, this demultiplexing may need to be done by the TLSTM 898 implementation. 900 Like TCP, DTLS over UDP uses the four-tuple for identifying the connection 902 (and relevant DTLS connection state). This means that when 903 establishing a new session, implementations MUST use a different UDP 904 source port number for each active connection to a remote destination 905 IP-address/port-number combination to ensure the remote entity can 906 disambiguate between multiple connections. 908 If demultiplexing received UDP datagrams to DTLS connection state is 909 done by the TLSTM implementation (instead of the DTLS 910 implementation), the steps below describe one possible method to 911 accomplish this. 913 The important output results from the steps in this process are the 914 remote transport address, incomingMessage, incomingMessageLength, and 915 the tlstmSessionID. 917 1) The TLS Transport Model examines the raw UDP message, in an 918 implementation-dependent manner. 920 2) The TLS Transport Model queries the LCD using the transport 921 parameters (source and destination IP addresses and ports) to 922 determine if a session already exists. 924 2a) If a matching entry in the LCD does not exist, then the UDP 925 packet is passed to the DTLS implementation for processing. 926 If the DTLS implementation decides to continue with the 927 connection and allocate state for it, it returns a new DTLS 928 connection handle (an implementation dependent detail). In 929 this case, TLSTM selects a new tlstmSessionId, and caches 930 this and the DTLS connection handle as a new entry in the 931 LCD (indexed by the transport parameters). If the DTLS 932 implementation returns an error or does not allocate 933 connection state (which can happen with the stateless cookie 934 exchange), processing stops. 936 2b) If a session does exist in the LCD then its DTLS connection 937 handle (an implementation dependent detail) and its 938 tlstmSessionId is extracted from the LCD. The UDP packet 939 and the connection handle is passed to the DTLS 940 implementation. If the DTLS implementation returns success 941 but does not return an incomingMessage and an 942 incomingMessageLength then processing stops (this is the 943 case when the UDP datagram contained DTLS handshake 944 messages, for example). If the DTLS implementation returns 945 an error then processing stops. 947 3) Retrieve the incomingMessage and an incomingMessageLength from 948 DTLS. These results and the tlstmSessionID are used below in 949 Section 5.1.2 to complete the processing of the incoming message. 951 5.1.2. Transport Processing for Incoming SNMP Messages 953 The procedures in this section describe how the TLS Transport Model 954 should process messages that have already been properly extracted 955 from the (D)TLS stream. Note that care must be taken when processing 956 messages originating from either TLS or DTLS to ensure they're 957 complete and single. For example, multiple SNMP messages can be 958 passed through a single DTLS message and partial SNMP messages may be 959 received from a TLS stream. These steps describe the processing of a 960 singular SNMP message after it has been delivered from the (D)TLS 961 stream. 963 1) Determine the tlstmSessionID for the incoming message. The 964 tlstmSessionID MUST be a unique session identifier for this 965 (D)TLS connection. The contents and format of this identifier 966 are implementation-dependent as long as it is unique to the 967 session. A session identifier MUST NOT be reused until all 968 references to it are no longer in use. The tmSessionID is equal 969 to the tlstmSessionID discussed in Section 5.1.1. tmSessionID 970 refers to the session identifier when stored in the 971 tmStateReference and tlstmSessionID refers to the session 972 identifier when stored in the LCD. They MUST always be equal 973 when processing a given session's traffic. 975 If this is the first message received through this session and 976 the session does not have an assigned tlstmSessionID yet then the 977 snmpTlstmSessionAccepts counter is incremented and a 978 tlstmSessionID for the session is created. This will only happen 979 on the server side of a connection because a client would have 980 already assigned a tlstmSessionID during the openSession() 981 invocation. Implementations may have performed the procedures 982 described in Section 5.3.2 prior to this point or they may 983 perform them now, but the procedures described in Section 5.3.2 984 MUST be performed before continuing beyond this point. 986 2) Create a tmStateReference cache for the subsequent reference and 987 assign the following values within it: 989 tmTransportDomain = snmpTLSTCPDomain or snmpDTLSUDPDomain as 990 appropriate. 992 tmTransportAddress = The address the message originated from. 994 tmSecurityLevel = The derived tmSecurityLevel for the session, 995 as discussed in Section 3.1.2 and Section 5.3. 997 tmSecurityName = The derived tmSecurityName for the session as 998 discussed in Section 5.3. This value MUST be constant during 999 the lifetime of the session. 1001 tmSessionID = The tlstmSessionID described in step 1 above. 1003 3) The incomingMessage and incomingMessageLength are assigned values 1004 from the (D)TLS processing. 1006 4) The TLS Transport Model passes the transportDomain, 1007 transportAddress, incomingMessage, and incomingMessageLength to 1008 the Dispatcher using the receiveMessage ASI: 1010 statusInformation = 1011 receiveMessage( 1012 IN transportDomain -- snmpTLSTCPDomain or snmpDTLSUDPDomain, 1013 IN transportAddress -- address for the received message 1014 IN incomingMessage -- the whole SNMP message from (D)TLS 1015 IN incomingMessageLength -- the length of the SNMP message 1016 IN tmStateReference -- transport info 1017 ) 1019 5.2. Procedures for an Outgoing SNMP Message 1021 The Dispatcher sends a message to the TLS Transport Model using the 1022 following ASI: 1024 statusInformation = 1025 sendMessage( 1026 IN destTransportDomain -- transport domain to be used 1027 IN destTransportAddress -- transport address to be used 1028 IN outgoingMessage -- the message to send 1029 IN outgoingMessageLength -- its length 1030 IN tmStateReference -- transport info 1031 ) 1033 This section describes the procedure followed by the TLS Transport 1034 Model whenever it is requested through this ASI to send a message. 1036 1) If tmStateReference does not refer to a cache containing values 1037 for tmTransportDomain, tmTransportAddress, tmSecurityName, 1038 tmRequestedSecurityLevel, and tmSameSecurity, then increment the 1039 snmpTlstmSessionInvalidCaches counter, discard the message, and 1040 return the error indication in the statusInformation. Processing 1041 of this message stops. 1043 2) Extract the tmSessionID, tmTransportDomain, tmTransportAddress, 1044 tmSecurityName, tmRequestedSecurityLevel, and tmSameSecurity 1045 values from the tmStateReference. Note: The tmSessionID value 1046 may be undefined if no session exists yet over which the message 1047 can be sent. 1049 3) If tmSameSecurity is true and either tmSessionID is undefined or 1050 refers to a session that is no longer open then increment the 1051 snmpTlstmSessionNoSessions counter, discard the message and 1052 return the error indication in the statusInformation. Processing 1053 of this message stops. 1055 4) If tmSameSecurity is false and tmSessionID refers to a session 1056 that is no longer available then an implementation SHOULD open a 1057 new session using the openSession() ASI (described in greater 1058 detail in step 5b). Instead of opening a new session an 1059 implementation MAY return a snmpTlstmSessionNoSessions error to 1060 the calling module and stop processing of the message. 1062 5) If tmSessionID is undefined, then use tmTransportDomain, 1063 tmTransportAddress, tmSecurityName and tmRequestedSecurityLevel 1064 to see if there is a corresponding entry in the LCD suitable to 1065 send the message over. 1067 5a) If there is a corresponding LCD entry, then this session 1068 will be used to send the message. 1070 5b) If there is not a corresponding LCD entry, then open a 1071 session using the openSession() ASI (discussed further in 1072 Section 5.3.1). Implementations MAY wish to offer message 1073 buffering to prevent redundant openSession() calls for the 1074 same cache entry. If an error is returned from 1075 openSession(), then discard the message, discard the 1076 tmStateReference, increment the snmpTlstmSessionOpenErrors, 1077 return an error indication to the calling module and stop 1078 processing of the message. 1080 6) Using either the session indicated by the tmSessionID if there 1081 was one or the session resulting from a previous step (4 or 5), 1082 pass the outgoingMessage to (D)TLS for encapsulation and 1083 transmission. 1085 5.3. Establishing or Accepting a Session 1087 Establishing a (D)TLS connection as either a client or a server 1088 requires slightly different processing. The following two sections 1089 describe the necessary processing steps. 1091 5.3.1. Establishing a Session as a Client 1093 The TLS Transport Model provides the following primitive for use by a 1094 client to establish a new (D)TLS connection: 1096 statusInformation = -- errorIndication or success 1097 openSession( 1098 IN tmStateReference -- transport information to be used 1099 OUT tmStateReference -- transport information to be used 1100 IN maxMessageSize -- of the sending SNMP entity 1101 ) 1103 The following describes the procedure to follow when establishing a 1104 SNMP over (D)TLS connection between SNMP engines for exchanging SNMP 1105 messages. This process is followed by any SNMP client's engine when 1106 establishing a session for subsequent use. 1108 This procedure MAY be done automatically for an SNMP application that 1109 initiates a transaction, such as a command generator, a notification 1110 originator, or a proxy forwarder. 1112 1) The snmpTlstmSessionOpens counter is incremented. 1114 2) The client selects the appropriate certificate and cipher_suites 1115 for the key agreement based on the tmSecurityName and the 1116 tmRequestedSecurityLevel for the session. For sessions being 1117 established as a result of a SNMP-TARGET-MIB based operation, the 1118 certificate will potentially have been identified via the 1119 snmpTlstmParamsTable mapping and the cipher_suites will have to 1120 be taken from system-wide or implementation-specific 1121 configuration. If no row in the snmpTlstmParamsTable exists then 1122 implementations MAY choose to establish the connection using a 1123 default client certificate available to the application. 1124 Otherwise, the certificate and appropriate cipher_suites will 1125 need to be passed to the openSession() ASI as supplemental 1126 information or configured through an implementation-dependent 1127 mechanism. It is also implementation-dependent and possibly 1128 policy-dependent how tmRequestedSecurityLevel will be used to 1129 influence the security capabilities provided by the (D)TLS 1130 connection. However this is done, the security capabilities 1131 provided by (D)TLS MUST be at least as high as the level of 1132 security indicated by the tmRequestedSecurityLevel parameter. 1133 The actual security level of the session is reported in the 1134 tmStateReference cache as tmSecurityLevel. For (D)TLS to provide 1135 strong authentication, each principal acting as a command 1136 generator SHOULD have its own certificate. 1138 3) Using the destTransportDomain and destTransportAddress values, 1139 the client will initiate the (D)TLS handshake protocol to 1140 establish session keys for message integrity and encryption. 1142 If the attempt to establish a session is unsuccessful, then 1143 snmpTlstmSessionOpenErrors is incremented, an error indication is 1144 returned, and processing stops. If the session failed to open 1145 because the presented server certificate was unknown or invalid 1146 then the snmpTlstmSessionUnknownServerCertificate or 1147 snmpTlstmSessionInvalidServerCertificates MUST be incremented and 1148 a snmpTlstmServerCertificateUnknown or 1149 snmpTlstmServerInvalidCertificate notification SHOULD be sent as 1150 appropriate. Reasons for server certificate invalidation 1151 includes, but is not limited to, cryptographic validation 1152 failures and an unexpected presented certificate identity. 1154 4) The (D)TLS client MUST then verify that the (D)TLS server's 1155 presented certificate is the expected certificate. The (D)TLS 1156 client MUST NOT transmit SNMP messages until the server 1157 certificate has been authenticated, the client certificate has 1158 been transmitted and the TLS connection has been fully 1159 established. 1161 If the connection is being established from configuration based 1162 on SNMP-TARGET-MIB configuration, then the snmpTlstmAddrTable 1163 DESCRIPTION clause describes how the verification is done (using 1164 either a certificate fingerprint, or an identity authenticated 1165 via certification path validation). 1167 If the connection is being established for reasons other than 1168 configuration found in the SNMP-TARGET-MIB then configuration and 1169 procedures outside the scope of this document should be followed. 1170 Configuration mechanisms SHOULD be similar in nature to those 1171 defined in the snmpTlstmAddrTable to ensure consistency across 1172 management configuration systems. For example, a command-line 1173 tool for generating SNMP GETs might support specifying either the 1174 server's certificate fingerprint or the expected host name as a 1175 command line argument. 1177 5) (D)TLS provides assurance that the authenticated identity has 1178 been signed by a trusted configured certification authority. If 1179 verification of the server's certificate fails in any way (for 1180 example because of failures in cryptographic verification or the 1181 presented identity did not match the expected named entity) then 1182 the session establishment MUST fail, the 1183 snmpTlstmSessionInvalidServerCertificates object is incremented. 1184 If the session can not be opened for any reason at all, including 1185 cryptographic verification failures, then the 1186 snmpTlstmSessionOpenErrors counter is incremented and processing 1187 stops. 1189 6) The TLSTM-specific session identifier (tlstmSessionID) is set in 1190 the tmSessionID of the tmStateReference passed to the TLS 1191 Transport Model to indicate that the session has been established 1192 successfully and to point to a specific (D)TLS connection for 1193 future use. The tlstmSessionID is also stored in the LCD for 1194 later lookup during processing of incoming messages 1195 (Section 5.1.2). 1197 5.3.2. Accepting a Session as a Server 1199 A (D)TLS server should accept new session connections from any client 1200 that it is able to verify the client's credentials for. This is done 1201 by authenticating the client's presented certificate through a 1202 certificate path validation process (e.g. [RFC5280]) or through 1203 certificate fingerprint verification using fingerprints configured in 1204 the snmpTlstmCertToTSNTable. Afterward the server will determine the 1205 identity of the remote entity using the following procedures. 1207 The (D)TLS server identifies the authenticated identity from the 1208 (D)TLS client's principal certificate using configuration information 1209 from the snmpTlstmCertToTSNTable mapping table. The (D)TLS server 1210 MUST request and expect a certificate from the client and MUST NOT 1211 accept SNMP messages over the (D)TLS connection until the client has 1212 sent a certificate and it has been authenticated. The resulting 1213 derived tmSecurityName is recorded in the tmStateReference cache as 1214 tmSecurityName. The details of the lookup process are fully 1215 described in the DESCRIPTION clause of the snmpTlstmCertToTSNTable 1216 MIB object. If any verification fails in any way (for example 1217 because of failures in cryptographic verification or because of the 1218 lack of an appropriate row in the snmpTlstmCertToTSNTable) then the 1219 session establishment MUST fail, and the 1220 snmpTlstmSessionInvalidClientCertificates object is incremented. If 1221 the session can not be opened for any reason at all, including 1222 cryptographic verification failures, then the 1223 snmpTlstmSessionOpenErrors counter is incremented and processing 1224 stops. 1226 Servers that wish to support multiple principals at a particular port 1227 SHOULD make use of a (D)TLS extension that allows server-side 1228 principal selection like the Server Name Indication extension defined 1229 in Section 3.1 of [RFC4366]. Supporting this will allow, for 1230 example, sending notifications to a specific principal at a given TCP 1231 or UDP port. 1233 5.4. Closing a Session 1235 The TLS Transport Model provides the following primitive to close a 1236 session: 1238 statusInformation = 1239 closeSession( 1240 IN tmSessionID -- session ID of the session to be closed 1241 ) 1243 The following describes the procedure to follow to close a session 1244 between a client and server. This process is followed by any SNMP 1245 engine closing the corresponding SNMP session. 1247 1) Increment either the snmpTlstmSessionClientCloses or the 1248 snmpTlstmSessionServerCloses counter as appropriate. 1250 2) Look up the session using the tmSessionID. 1252 3) If there is no open session associated with the tmSessionID, then 1253 closeSession processing is completed. 1255 4) Have (D)TLS close the specified connection. This SHOULD include 1256 sending a close_notify TLS Alert to inform the other side that 1257 session cleanup may be performed. 1259 6. MIB Module Overview 1261 This MIB module provides management of the TLS Transport Model. It 1262 defines needed textual conventions, statistical counters, 1263 notifications and configuration infrastructure necessary for session 1264 establishment. Example usage of the configuration tables can be 1265 found in Appendix A. 1267 6.1. Structure of the MIB Module 1269 Objects in this MIB module are arranged into subtrees. Each subtree 1270 is organized as a set of related objects. The overall structure and 1271 assignment of objects to their subtrees, and the intended purpose of 1272 each subtree, is shown below. 1274 6.2. Textual Conventions 1276 Generic and Common Textual Conventions used in this module can be 1277 found summarized at http://www.ops.ietf.org/mib-common-tcs.html 1278 This module defines the following new Textual Conventions: 1280 o A new TransportAddress format for describing (D)TLS connection 1281 addressing requirements. 1283 o A certificate fingerprint allowing MIB module objects to 1284 generically refer to a stored X.509 certificate using a 1285 cryptographic hash as a reference pointer. 1287 6.3. Statistical Counters 1289 The SNMP-TLS-TM-MIB defines some counters that can provide network 1290 management stations with information about session usage and 1291 potential errors that a MIB-instrumented device may be experiencing. 1293 6.4. Configuration Tables 1295 The SNMP-TLS-TM-MIB defines configuration tables that an 1296 administrator can use for configuring a MIB-instrumented device for 1297 sending and receiving SNMP messages over (D)TLS. In particular, 1298 there are MIB tables that extend the SNMP-TARGET-MIB for configuring 1299 (D)TLS certificate usage and a MIB table for mapping incoming (D)TLS 1300 client certificates to SNMPv3 securityNames. 1302 6.4.1. Notifications 1304 The SNMP-TLS-TM-MIB defines notifications to alert management 1305 stations when a (D)TLS connection fails because a server's presented 1306 certificate did not meet an expected value 1307 (snmpTlstmServerCertificateUnknown) or because cryptographic 1308 validation failed (snmpTlstmServerInvalidCertificate). 1310 6.5. Relationship to Other MIB Modules 1312 Some management objects defined in other MIB modules are applicable 1313 to an entity implementing the TLS Transport Model. In particular, it 1314 is assumed that an entity implementing the SNMP-TLS-TM-MIB will 1315 implement the SNMPv2-MIB [RFC3418], the SNMP-FRAMEWORK-MIB [RFC3411], 1316 the SNMP-TARGET-MIB [RFC3413], the SNMP-NOTIFICATION-MIB [RFC3413] 1317 and the SNMP-VIEW-BASED-ACM-MIB [RFC3415]. 1319 The SNMP-TLS-TM-MIB module contained in this document is for managing 1320 TLS Transport Model information. 1322 6.5.1. MIB Modules Required for IMPORTS 1324 The SNMP-TLS-TM-MIB module imports items from SNMPv2-SMI [RFC2578], 1325 SNMPv2-TC [RFC2579], SNMP-FRAMEWORK-MIB [RFC3411], SNMP-TARGET-MIB 1327 [RFC3413] and SNMPv2-CONF [RFC2580]. 1329 7. MIB Module Definition 1331 SNMP-TLS-TM-MIB DEFINITIONS ::= BEGIN 1333 IMPORTS 1334 MODULE-IDENTITY, OBJECT-TYPE, 1335 OBJECT-IDENTITY, mib-2, snmpDomains, 1336 Counter32, Unsigned32, Gauge32, NOTIFICATION-TYPE 1337 FROM SNMPv2-SMI 1338 TEXTUAL-CONVENTION, TimeStamp, RowStatus, StorageType, 1339 AutonomousType 1340 FROM SNMPv2-TC 1341 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 1342 FROM SNMPv2-CONF 1343 SnmpAdminString 1344 FROM SNMP-FRAMEWORK-MIB 1345 snmpTargetParamsName, snmpTargetAddrName 1346 FROM SNMP-TARGET-MIB 1347 ; 1349 snmpTlstmMIB MODULE-IDENTITY 1350 LAST-UPDATED "201004140000Z" 1351 ORGANIZATION "ISMS Working Group" 1352 CONTACT-INFO "WG-EMail: isms@lists.ietf.org 1353 Subscribe: isms-request@lists.ietf.org 1355 Chairs: 1356 Juergen Schoenwaelder 1357 Jacobs University Bremen 1358 Campus Ring 1 1359 28725 Bremen 1360 Germany 1361 +49 421 200-3587 1362 j.schoenwaelder@jacobs-university.de 1364 Russ Mundy 1365 SPARTA, Inc. 1366 7110 Samuel Morse Drive 1367 Columbia, MD 21046 1368 USA 1370 Editor: 1371 Wes Hardaker 1372 Sparta, Inc. 1374 P.O. Box 382 1375 Davis, CA 95617 1376 USA 1377 ietf@hardakers.net 1378 " 1380 DESCRIPTION " 1381 The TLS Transport Model MIB 1383 Copyright (c) 2010 IETF Trust and the persons identified as 1384 the document authors. All rights reserved. 1386 Redistribution and use in source and binary forms, with or 1387 without modification, is permitted pursuant to, and subject 1388 to the license terms contained in, the Simplified BSD License 1389 set forth in Section 4.c of the IETF Trust's Legal Provisions 1390 Relating to IETF Documents 1391 (http://trustee.ietf.org/license-info)." 1393 REVISION "201004140000Z" 1394 DESCRIPTION "This version of this MIB module is part of 1395 RFC XXXX; see the RFC itself for full legal 1396 notices." 1398 -- NOTE to RFC editor: replace XXXX with actual RFC number 1399 -- for this document and change the date to the 1400 -- current date and remove this note 1402 ::= { mib-2 www } 1403 -- RFC Ed.: replace www with IANA-assigned number under the mib-2 1404 -- SNMP OID tree and remove this note 1406 -- ************************************************ 1407 -- subtrees of the SNMP-TLS-TM-MIB 1408 -- ************************************************ 1410 snmpTlstmNotifications OBJECT IDENTIFIER ::= { snmpTlstmMIB 0 } 1411 snmpTlstmIdentities OBJECT IDENTIFIER ::= { snmpTlstmMIB 1 } 1412 snmpTlstmObjects OBJECT IDENTIFIER ::= { snmpTlstmMIB 2 } 1413 snmpTlstmConformance OBJECT IDENTIFIER ::= { snmpTlstmMIB 3 } 1415 -- ************************************************ 1416 -- snmpTlstmObjects - Objects 1417 -- ************************************************ 1419 snmpTLSTCPDomain OBJECT-IDENTITY 1420 STATUS current 1421 DESCRIPTION 1422 "The SNMP over TLS transport domain. The corresponding 1423 transport address is of type SnmpTLSAddress. 1425 The securityName prefix to be associated with the 1426 snmpTLSTCPDomain is 'tls'. This prefix may be used by 1427 security models or other components to identify which secure 1428 transport infrastructure authenticated a securityName." 1430 ::= { snmpDomains xx } 1432 -- RFC Ed.: replace xx with IANA-assigned number and 1433 -- remove this note 1435 -- RFC Ed.: replace 'tls' with the actual IANA assigned prefix string 1436 -- if 'tls' is not assigned to this document. 1438 snmpDTLSUDPDomain OBJECT-IDENTITY 1439 STATUS current 1440 DESCRIPTION 1441 "The SNMP over DTLS/UDP transport domain. The corresponding 1442 transport address is of type SnmpTLSAddress. 1444 The securityName prefix to be associated with the 1445 snmpDTLSUDPDomain is 'dtls'. This prefix may be used by 1446 security models or other components to identify which secure 1447 transport infrastructure authenticated a securityName." 1449 ::= { snmpDomains yy } 1451 -- RFC Ed.: replace yy with IANA-assigned number and 1452 -- remove this note 1454 -- RFC Ed.: replace 'dtls' with the actual IANA assigned prefix string 1455 -- if 'dtls' is not assigned to this document. 1457 SnmpTLSAddress ::= TEXTUAL-CONVENTION 1458 DISPLAY-HINT "1a" 1459 STATUS current 1460 DESCRIPTION 1461 "Represents a IPv4 address, an IPv6 address or an US-ASCII 1462 encoded hostname and port number. 1464 An IPv4 address must be in dotted decimal format followed by a 1465 colon ':' (US-ASCII character 0x3A) and a decimal port number 1466 in US-ASCII. 1468 An IPv6 address must be a colon separated format, surrounded 1469 by square brackets ('[', US-ASCII character 0x5B, and ']', 1470 US-ASCII character 0x5D), followed by a colon ':' (US-ASCII 1471 character 0x3A) and a decimal port number in US-ASCII. 1473 A hostname is always in US-ASCII (as per RFC1033); 1474 internationalized hostnames are encoded in US-ASCII as 1475 specified in RFC 3490. The hostname is followed by a colon 1476 ':' (US-ASCII character 0x3A) and a decimal port number in 1477 US-ASCII. The name SHOULD be fully qualified whenever 1478 possible. 1480 Values of this textual convention may not be directly usable 1481 as transport-layer addressing information, and may require 1482 run-time resolution. As such, applications that write them 1483 must be prepared for handling errors if such values are not 1484 supported, or cannot be resolved (if resolution occurs at the 1485 time of the management operation). 1487 The DESCRIPTION clause of TransportAddress objects that may 1488 have SnmpTLSAddress values must fully describe how (and 1489 when) such names are to be resolved to IP addresses and vice 1490 versa. 1492 This textual convention SHOULD NOT be used directly in object 1493 definitions since it restricts addresses to a specific 1494 format. However, if it is used, it MAY be used either on its 1495 own or in conjunction with TransportAddressType or 1496 TransportDomain as a pair. 1498 When this textual convention is used as a syntax of an index 1499 object, there may be issues with the limit of 128 1500 sub-identifiers specified in SMIv2 (STD 58). It is RECOMMENDED 1501 that all MIB documents using this textual convention make 1502 explicit any limitations on index component lengths that 1503 management software must observe. This may be done either by 1504 including SIZE constraints on the index components or by 1505 specifying applicable constraints in the conceptual row 1506 DESCRIPTION clause or in the surrounding documentation." 1507 REFERENCE 1508 "RFC 1033: DOMAIN ADMINISTRATORS OPERATIONS GUIDE 1509 RFC 3490: Internationalizing Domain Names in Applications 1510 RFC 3986: Uniform Resource Identifier (URI): Generic Syntax 1511 RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2 1512 " 1513 SYNTAX OCTET STRING (SIZE (1..255)) 1515 Fingerprint ::= TEXTUAL-CONVENTION 1516 DISPLAY-HINT "1x:254x" 1517 STATUS current 1518 DESCRIPTION 1519 "A Fingerprint value that can be used to uniquely reference 1520 other data of potentially arbitrary length. 1522 A Fingerprint value is composed of a 1-octet hashing algorithm 1523 identifier followed by the fingerprint value. The octet value 1524 encoded is taken from the IANA TLS HashAlgorithm Registry 1525 (RFC5246). The remaining octets are filled using the results 1526 of the hashing algorithm. 1528 This TEXTUAL-CONVENTION allows for a zero-length (blank) 1529 Fingerprint value for use in tables where the fingerprint value 1530 may be optional. MIB definitions or implementations may refuse 1531 to accept a zero-length value as appropriate." 1532 REFERENCE 1533 "RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2 1534 http://www.iana.org/assignments/tls-parameters/ 1535 " 1536 SYNTAX OCTET STRING (SIZE (0..255)) 1538 -- Identities for use in the snmpTlstmCertToTSNTable 1540 snmpTlstmCertToTSNMIdentities OBJECT IDENTIFIER 1541 ::= { snmpTlstmIdentities 1 } 1543 snmpTlstmCertSpecified OBJECT-IDENTITY 1544 STATUS current 1545 DESCRIPTION "Directly specifies the tmSecurityName to be used for 1546 this certificate. The value of the tmSecurityName 1547 to use is specified in the snmpTlstmCertToTSNData 1548 column. The snmpTlstmCertToTSNData column must 1549 contain a non-zero length SnmpAdminString compliant 1550 value or the mapping described in this row must be 1551 considered a failure." 1552 ::= { snmpTlstmCertToTSNMIdentities 1 } 1554 snmpTlstmCertSANRFC822Name OBJECT-IDENTITY 1555 STATUS current 1556 DESCRIPTION "Maps a subjectAltName's rfc822Name to a 1557 tmSecurityName. The local part of the rfc822Name is 1558 passed unaltered but the host-part of the name must 1559 be passed in lower case. 1561 Example rfc822Name Field: FooBar@Example.COM 1562 is mapped to tmSecurityName: FooBar@example.com" 1563 ::= { snmpTlstmCertToTSNMIdentities 2 } 1565 snmpTlstmCertSANDNSName OBJECT-IDENTITY 1566 STATUS current 1567 DESCRIPTION "Maps a subjectAltName's dNSName to a 1568 tmSecurityName after first converting it to all 1569 lower case." 1570 ::= { snmpTlstmCertToTSNMIdentities 3 } 1572 snmpTlstmCertSANIpAddress OBJECT-IDENTITY 1573 STATUS current 1574 DESCRIPTION "Maps a subjectAltName's iPAddress to a 1575 tmSecurityName by transforming the binary encoded 1576 address as follows: 1578 1) for IPv4 the value is converted into a decimal 1579 dotted quad address (e.g. '192.0.2.1') 1581 2) for IPv6 addresses the value is converted into a 1582 32-character all lowercase hexadecimal string 1583 without any colon separators. 1585 Note that the resulting length is the maximum 1586 length supported by the View-Based Access Control 1587 Model (VACM). Note that using both the Transport 1588 Security Model's support for transport prefixes 1589 (see the SNMP-TSM-MIB's 1590 snmpTsmConfigurationUsePrefix object for details) 1591 will result in securityName lengths that exceed 1592 what VACM can handle." 1593 ::= { snmpTlstmCertToTSNMIdentities 4 } 1595 snmpTlstmCertSANAny OBJECT-IDENTITY 1596 STATUS current 1597 DESCRIPTION "Maps any of the following fields using the 1598 corresponding mapping algorithms: 1600 |------------+------------------------| 1601 | Type | Algorithm | 1602 |------------+------------------------| 1603 | rfc822Name | snmpTlstmCertSANRFC822Name | 1604 | dNSName | snmpTlstmCertSANDNSName | 1605 | iPAddress | snmpTlstmCertSANIpAddress | 1606 |------------+------------------------| 1608 The first matching subjectAltName value found in the 1609 certificate of the above types MUST be used when 1610 deriving the tmSecurityName." 1611 ::= { snmpTlstmCertToTSNMIdentities 5 } 1613 snmpTlstmCertCommonName OBJECT-IDENTITY 1614 STATUS current 1616 DESCRIPTION "Maps a certificate's CommonName to a tmSecurityName 1617 after converting it to a UTF-8 encoding." 1618 ::= { snmpTlstmCertToTSNMIdentities 6 } 1620 -- The snmpTlstmSession Group 1622 snmpTlstmSession OBJECT IDENTIFIER ::= { snmpTlstmObjects 1 } 1624 snmpTlstmSessionOpens OBJECT-TYPE 1625 SYNTAX Counter32 1626 MAX-ACCESS read-only 1627 STATUS current 1628 DESCRIPTION 1629 "The number of times an openSession() request has been executed 1630 as an (D)TLS client, regardless of whether it succeeded or 1631 failed." 1632 ::= { snmpTlstmSession 1 } 1634 snmpTlstmSessionClientCloses OBJECT-TYPE 1635 SYNTAX Counter32 1636 MAX-ACCESS read-only 1637 STATUS current 1638 DESCRIPTION 1639 "The number of times a closeSession() request has been 1640 executed as an (D)TLS client, regardless of whether it 1641 succeeded or failed." 1642 ::= { snmpTlstmSession 2 } 1644 snmpTlstmSessionOpenErrors OBJECT-TYPE 1645 SYNTAX Counter32 1646 MAX-ACCESS read-only 1647 STATUS current 1648 DESCRIPTION 1649 "The number of times an openSession() request failed to open a 1650 session as a (D)TLS client, for any reason." 1651 ::= { snmpTlstmSession 3 } 1653 snmpTlstmSessionAccepts OBJECT-TYPE 1654 SYNTAX Counter32 1655 MAX-ACCESS read-only 1656 STATUS current 1657 DESCRIPTION 1658 "The number of times a (D)TLS server has accepted a new 1659 connection from a client and has received at least one SNMP 1660 message through it." 1662 ::= { snmpTlstmSession 4 } 1664 snmpTlstmSessionServerCloses OBJECT-TYPE 1665 SYNTAX Counter32 1666 MAX-ACCESS read-only 1667 STATUS current 1668 DESCRIPTION 1669 "The number of times a closeSession() request has been 1670 executed as an (D)TLS server, regardless of whether it 1671 succeeded or failed." 1672 ::= { snmpTlstmSession 5 } 1674 snmpTlstmSessionNoSessions OBJECT-TYPE 1675 SYNTAX Counter32 1676 MAX-ACCESS read-only 1677 STATUS current 1678 DESCRIPTION 1679 "The number of times an outgoing message was dropped because 1680 the session associated with the passed tmStateReference was no 1681 longer (or was never) available." 1682 ::= { snmpTlstmSession 6 } 1684 snmpTlstmSessionInvalidClientCertificates OBJECT-TYPE 1685 SYNTAX Counter32 1686 MAX-ACCESS read-only 1687 STATUS current 1688 DESCRIPTION 1689 "The number of times an incoming session was not established 1690 on an (D)TLS server because the presented client certificate 1691 was invalid. Reasons for invalidation include, but are not 1692 limited to, cryptographic validation failures or lack of a 1693 suitable mapping row in the snmpTlstmCertToTSNTable." 1694 ::= { snmpTlstmSession 7 } 1696 snmpTlstmSessionUnknownServerCertificate OBJECT-TYPE 1697 SYNTAX Counter32 1698 MAX-ACCESS read-only 1699 STATUS current 1700 DESCRIPTION 1701 "The number of times an outgoing session was not established 1702 on an (D)TLS client because the server certificate presented 1703 by a SNMP over (D)TLS server was invalid because no 1704 configured fingerprint or CA was acceptable to validate it. 1705 This may result because there was no entry in the 1706 snmpTlstmAddrTable or because no path could be found to a 1707 known certification authority." 1708 ::= { snmpTlstmSession 8 } 1710 snmpTlstmSessionInvalidServerCertificates OBJECT-TYPE 1711 SYNTAX Counter32 1712 MAX-ACCESS read-only 1713 STATUS current 1714 DESCRIPTION 1715 "The number of times an outgoing session was not established 1716 on an (D)TLS client because the server certificate presented 1717 by an SNMP over (D)TLS server could not be validated even if 1718 the fingerprint or expected validation path was known. I.E., 1719 a cryptographic validation error occurred during certificate 1720 validation processing. 1722 Reasons for invalidation include, but are not 1723 limited to, cryptographic validation failures." 1724 ::= { snmpTlstmSession 9 } 1726 snmpTlstmSessionInvalidCaches OBJECT-TYPE 1727 SYNTAX Counter32 1728 MAX-ACCESS read-only 1729 STATUS current 1730 DESCRIPTION 1731 "The number of outgoing messages dropped because the 1732 tmStateReference referred to an invalid cache." 1733 ::= { snmpTlstmSession 10 } 1735 -- Configuration Objects 1737 snmpTlstmConfig OBJECT IDENTIFIER ::= { snmpTlstmObjects 2 } 1739 -- Certificate mapping 1741 snmpTlstmCertificateMapping OBJECT IDENTIFIER ::= { snmpTlstmConfig 1 } 1743 snmpTlstmCertToTSNCount OBJECT-TYPE 1744 SYNTAX Gauge32 1745 MAX-ACCESS read-only 1746 STATUS current 1747 DESCRIPTION 1748 "A count of the number of entries in the 1749 snmpTlstmCertToTSNTable" 1750 ::= { snmpTlstmCertificateMapping 1 } 1752 snmpTlstmCertToTSNTableLastChanged OBJECT-TYPE 1753 SYNTAX TimeStamp 1754 MAX-ACCESS read-only 1755 STATUS current 1756 DESCRIPTION 1757 "The value of sysUpTime.0 when the snmpTlstmCertToTSNTable was 1758 last modified through any means, or 0 if it has not been 1759 modified since the command responder was started." 1760 ::= { snmpTlstmCertificateMapping 2 } 1762 snmpTlstmCertToTSNTable OBJECT-TYPE 1763 SYNTAX SEQUENCE OF SnmpTlstmCertToTSNEntry 1764 MAX-ACCESS not-accessible 1765 STATUS current 1766 DESCRIPTION 1767 "This table is used by a (D)TLS server to map the (D)TLS 1768 client's presented X.509 certificate to a tmSecurityName. 1770 On an incoming (D)TLS/SNMP connection the client's presented 1771 certificate must either be validated based on an established 1772 trust anchor, or it must directly match a fingerprint in this 1773 table. This table does not provide any mechanisms for 1774 configuring the trust anchors; the transfer of any needed 1775 trusted certificates for path validation is expected to occur 1776 through an out-of-band transfer. 1778 Once the certificate has been found acceptable (either by path 1779 validation or directly matching a fingerprint in this table), 1780 this table is consulted to determine the appropriate 1781 tmSecurityName to identify with the remote connection. This 1782 is done by considering each active row from this table in 1783 prioritized order according to its snmpTlstmCertToTSNID value. 1784 Each row's snmpTlstmCertToTSNFingerprint value determines 1785 whether the row is a match for the incoming connection: 1787 1) If the row's snmpTlstmCertToTSNFingerprint value 1788 identifies the presented certificate then consider the 1789 row as a successful match. 1791 2) If the row's snmpTlstmCertToTSNFingerprint value 1792 identifies a locally held copy of a trusted CA 1793 certificate and that CA certificate was used to 1794 validate the path to the presented certificate then 1795 consider the row as a successful match. 1797 Once a matching row has been found, the 1798 snmpTlstmCertToTSNMapType value can be used to determine how 1799 the tmSecurityName to associate with the session should be 1800 determined. See the snmpTlstmCertToTSNMapType column's 1801 DESCRIPTION for details on determining the tmSecurityName 1802 value. If it is impossible to determine a tmSecurityName from 1803 the row's data combined with the data presented in the 1804 certificate then additional rows MUST be searched looking for 1805 another potential match. If a resulting tmSecurityName mapped 1806 from a given row is not compatible with the needed 1807 requirements of a tmSecurityName (e.g., VACM imposes a 1808 32-octet-maximum length and the certificate derived 1809 securityName could be longer) then it must be considered an 1810 invalid match and additional rows MUST be searched looking for 1811 another potential match. 1813 Missing values of snmpTlstmCertToTSNID are acceptable and 1814 implementations should continue to the next highest numbered 1815 row. E.G., the table may legally contain only two rows with 1816 snmpTlstmCertToTSNID values of 10 and 20. 1818 Users are encouraged to make use of certificates with 1819 subjectAltName fields that can be used as tmSecurityNames so 1820 that a single root CA certificate can allow all child 1821 certificate's subjectAltName to map directly to a 1822 tmSecurityName via a 1:1 transformation. However, this table 1823 is flexible to allow for situations where existing deployed 1824 certificate infrastructures do not provide adequate 1825 subjectAltName values for use as tmSecurityNames. 1826 Certificates may also be mapped to tmSecurityNames using the 1827 CommonName portion of the Subject field. However, the usage 1828 of the CommonName field is deprecated and thus this usage is 1829 NOT RECOMMENDED. Direct mapping from each individual 1830 certificate fingerprint to a tmSecurityName is also possible 1831 but requires one entry in the table per tmSecurityName and 1832 requires more management operations to completely configure a 1833 device." 1834 ::= { snmpTlstmCertificateMapping 3 } 1836 snmpTlstmCertToTSNEntry OBJECT-TYPE 1837 SYNTAX SnmpTlstmCertToTSNEntry 1838 MAX-ACCESS not-accessible 1839 STATUS current 1840 DESCRIPTION 1841 "A row in the snmpTlstmCertToTSNTable that specifies a mapping 1842 for an incoming (D)TLS certificate to a tmSecurityName to use 1843 for a connection." 1844 INDEX { snmpTlstmCertToTSNID } 1845 ::= { snmpTlstmCertToTSNTable 1 } 1847 SnmpTlstmCertToTSNEntry ::= SEQUENCE { 1848 snmpTlstmCertToTSNID Unsigned32, 1849 snmpTlstmCertToTSNFingerprint Fingerprint, 1850 snmpTlstmCertToTSNMapType AutonomousType, 1851 snmpTlstmCertToTSNData OCTET STRING, 1852 snmpTlstmCertToTSNStorageType StorageType, 1853 snmpTlstmCertToTSNRowStatus RowStatus 1855 } 1857 snmpTlstmCertToTSNID OBJECT-TYPE 1858 SYNTAX Unsigned32 (1..4294967295) 1859 MAX-ACCESS not-accessible 1860 STATUS current 1861 DESCRIPTION 1862 "A unique, prioritized index for the given entry. Lower 1863 numbers indicate a higher priority." 1864 ::= { snmpTlstmCertToTSNEntry 1 } 1866 snmpTlstmCertToTSNFingerprint OBJECT-TYPE 1867 SYNTAX Fingerprint (SIZE(1..255)) 1868 MAX-ACCESS read-create 1869 STATUS current 1870 DESCRIPTION 1871 "A cryptographic hash of a X.509 certificate. The results of 1872 a successful matching fingerprint to either the trusted CA in 1873 the certificate validation path or to the certificate itself 1874 is dictated by the snmpTlstmCertToTSNMapType column." 1875 ::= { snmpTlstmCertToTSNEntry 2 } 1877 snmpTlstmCertToTSNMapType OBJECT-TYPE 1878 SYNTAX AutonomousType 1879 MAX-ACCESS read-create 1880 STATUS current 1881 DESCRIPTION 1882 "Specifies the mapping type for deriving a tmSecurityName from 1883 a certificate. Details for mapping of a particular type SHALL 1884 be specified in the DESCRIPTION clause of the OBJECT-IDENTITY 1885 that describes the mapping. If a mapping succeeds it will 1886 return a tmSecurityName for use by the TLSTM model and 1887 processing stops. 1889 If the resulting mapped value is not compatible with the 1890 needed requirements of a tmSecurityName (e.g., VACM imposes a 1891 32-octet-maximum length and the certificate derived 1892 securityName could be longer) then future rows MUST be 1893 searched for additional snmpTlstmCertToTSNFingerprint matches 1894 to look for a mapping that succeeds." 1895 DEFVAL { snmpTlstmCertSpecified } 1896 ::= { snmpTlstmCertToTSNEntry 3 } 1898 snmpTlstmCertToTSNData OBJECT-TYPE 1899 SYNTAX OCTET STRING (SIZE(0..1024)) 1900 MAX-ACCESS read-create 1901 STATUS current 1902 DESCRIPTION 1903 "Auxiliary data used as optional configuration information for 1904 a given mapping specified by the snmpTlstmCertToTSNMapType 1905 column. Only some mapping systems will make use of this 1906 column. The value in this column MUST be ignored for any 1907 mapping type that does not require data present in this 1908 column." 1909 DEFVAL { "" } 1910 ::= { snmpTlstmCertToTSNEntry 4 } 1912 snmpTlstmCertToTSNStorageType OBJECT-TYPE 1913 SYNTAX StorageType 1914 MAX-ACCESS read-create 1915 STATUS current 1916 DESCRIPTION 1917 "The storage type for this conceptual row. Conceptual rows 1918 having the value 'permanent' need not allow write-access to 1919 any columnar objects in the row." 1920 DEFVAL { nonVolatile } 1921 ::= { snmpTlstmCertToTSNEntry 5 } 1923 snmpTlstmCertToTSNRowStatus OBJECT-TYPE 1924 SYNTAX RowStatus 1925 MAX-ACCESS read-create 1926 STATUS current 1927 DESCRIPTION 1928 "The status of this conceptual row. This object may be used 1929 to create or remove rows from this table. 1931 To create a row in this table, an administrator must set this 1932 object to either createAndGo(4) or createAndWait(5). 1934 Until instances of all corresponding columns are appropriately 1935 configured, the value of the corresponding instance of the 1936 snmpTlstmParamsRowStatus column is 'notReady'. 1938 In particular, a newly created row cannot be made active until 1939 the corresponding snmpTlstmCertToTSNFingerprint, 1940 snmpTlstmCertToTSNMapType, and snmpTlstmCertToTSNData columns 1941 have been set. 1943 The following objects may not be modified while the 1944 value of this object is active(1): 1945 - snmpTlstmCertToTSNFingerprint 1946 - snmpTlstmCertToTSNMapType 1947 - snmpTlstmCertToTSNData 1948 An attempt to set these objects while the value of 1949 snmpTlstmParamsRowStatus is active(1) will result in 1950 an inconsistentValue error." 1952 ::= { snmpTlstmCertToTSNEntry 6 } 1954 -- Maps tmSecurityNames to certificates for use by the SNMP-TARGET-MIB 1956 snmpTlstmParamsCount OBJECT-TYPE 1957 SYNTAX Gauge32 1958 MAX-ACCESS read-only 1959 STATUS current 1960 DESCRIPTION 1961 "A count of the number of entries in the snmpTlstmParamsTable" 1962 ::= { snmpTlstmCertificateMapping 4 } 1964 snmpTlstmParamsTableLastChanged OBJECT-TYPE 1965 SYNTAX TimeStamp 1966 MAX-ACCESS read-only 1967 STATUS current 1968 DESCRIPTION 1969 "The value of sysUpTime.0 when the snmpTlstmParamsTable 1970 was last modified through any means, or 0 if it has not been 1971 modified since the command responder was started." 1972 ::= { snmpTlstmCertificateMapping 5 } 1974 snmpTlstmParamsTable OBJECT-TYPE 1975 SYNTAX SEQUENCE OF SnmpTlstmParamsEntry 1976 MAX-ACCESS not-accessible 1977 STATUS current 1978 DESCRIPTION 1979 "This table is used by a (D)TLS client when a (D)TLS 1980 connection is being set up using an entry in the 1981 SNMP-TARGET-MIB. It extends the SNMP-TARGET-MIB's 1982 snmpTargetParamsTable with a fingerprint of a certificate to 1983 use when establishing such a (D)TLS connection." 1984 ::= { snmpTlstmCertificateMapping 6 } 1986 snmpTlstmParamsEntry OBJECT-TYPE 1987 SYNTAX SnmpTlstmParamsEntry 1988 MAX-ACCESS not-accessible 1989 STATUS current 1990 DESCRIPTION 1991 "A conceptual row containing a fingerprint hash of a locally 1992 held certificate for a given snmpTargetParamsEntry. The 1993 values in this row should be ignored if the connection that 1994 needs to be established, as indicated by the SNMP-TARGET-MIB 1995 infrastructure, is not a certificate and (D)TLS based 1996 connection. The connection SHOULD NOT be established if the 1997 certificate fingerprint stored in this entry does not point to 1998 a valid locally held certificate or if it points to an 1999 unusable certificate (such as might happen when the 2000 certificate's expiration date has been reached)." 2001 INDEX { IMPLIED snmpTargetParamsName } 2002 ::= { snmpTlstmParamsTable 1 } 2004 SnmpTlstmParamsEntry ::= SEQUENCE { 2005 snmpTlstmParamsClientFingerprint Fingerprint, 2006 snmpTlstmParamsStorageType StorageType, 2007 snmpTlstmParamsRowStatus RowStatus 2008 } 2010 snmpTlstmParamsClientFingerprint OBJECT-TYPE 2011 SYNTAX Fingerprint 2012 MAX-ACCESS read-create 2013 STATUS current 2014 DESCRIPTION 2015 "A cryptographic hash of a X.509 certificate. This object 2016 should store the hash of a locally held X.509 certificate that 2017 should be used (along with the corresponding private key) when 2018 initiating a (D)TLS connection as a (D)TLS client." 2019 ::= { snmpTlstmParamsEntry 1 } 2021 snmpTlstmParamsStorageType OBJECT-TYPE 2022 SYNTAX StorageType 2023 MAX-ACCESS read-create 2024 STATUS current 2025 DESCRIPTION 2026 "The storage type for this conceptual row. Conceptual rows 2027 having the value 'permanent' need not allow write-access to 2028 any columnar objects in the row." 2029 DEFVAL { nonVolatile } 2030 ::= { snmpTlstmParamsEntry 2 } 2032 snmpTlstmParamsRowStatus OBJECT-TYPE 2033 SYNTAX RowStatus 2034 MAX-ACCESS read-create 2035 STATUS current 2036 DESCRIPTION 2037 "The status of this conceptual row. This object may be used 2038 to create or remove rows from this table. 2040 To create a row in this table, an administrator must set this 2041 object to either createAndGo(4) or createAndWait(5). 2043 Until instances of all corresponding columns are appropriately 2044 configured, the value of the corresponding instance of the 2045 snmpTlstmParamsRowStatus column is 'notReady'. 2047 In particular, a newly created row cannot be made active until 2048 the corresponding snmpTlstmParamsClientFingerprint column has 2049 been set. 2051 The snmpTlstmParamsClientFingerprint object may not be modified 2052 while the value of this object is active(1). 2054 An attempt to set these objects while the value of 2055 snmpTlstmParamsRowStatus is active(1) will result in 2056 an inconsistentValue error." 2057 ::= { snmpTlstmParamsEntry 3 } 2059 snmpTlstmAddrCount OBJECT-TYPE 2060 SYNTAX Gauge32 2061 MAX-ACCESS read-only 2062 STATUS current 2063 DESCRIPTION 2064 "A count of the number of entries in the snmpTlstmAddrTable" 2065 ::= { snmpTlstmCertificateMapping 7 } 2067 snmpTlstmAddrTableLastChanged OBJECT-TYPE 2068 SYNTAX TimeStamp 2069 MAX-ACCESS read-only 2070 STATUS current 2071 DESCRIPTION 2072 "The value of sysUpTime.0 when the snmpTlstmAddrTable 2073 was last modified through any means, or 0 if it has not been 2074 modified since the command responder was started." 2075 ::= { snmpTlstmCertificateMapping 8 } 2077 snmpTlstmAddrTable OBJECT-TYPE 2078 SYNTAX SEQUENCE OF SnmpTlstmAddrEntry 2079 MAX-ACCESS not-accessible 2080 STATUS current 2081 DESCRIPTION 2082 "This table is used by a (D)TLS client when a (D)TLS 2083 connection is being set up using an entry in the 2084 SNMP-TARGET-MIB. It extends the SNMP-TARGET-MIB's 2085 snmpTargetAddrTable so that the client can verify that the 2086 correct server has been reached. This verification can use 2087 either a certificate fingerprint, or an identity 2088 authenticated via certification path validation. 2090 If there is an active row in this table corresponding to the 2091 entry in the SNMP-TARGET-MIB that was used to establish the 2092 connection, and the row's snmpTlstmAddrServerFingerprint 2093 column has non-empty value, then the server's presented 2094 certificate is compared with the 2095 snmpTlstmAddrServerFingerprint value (and the 2096 snmpTlstmAddrServerIdentity column is ignored). If the 2097 fingerprint matches, the verification has succeeded. If the 2098 fingerprint does not match then the connection MUST be 2099 closed. 2101 If the server's presented certificate has passed 2102 certification path validation [RFC5280] to a configured 2103 trust anchor, and an active row exists with a zero-length 2104 snmpTlstmAddrServerFingerprint value, then the 2105 snmpTlstmAddrServerIdentity column contains the expected 2106 host name. This expected host name is then compared against 2107 the server's certificate as follows: 2109 - Implementations MUST support matching the expected host 2110 name against a dNSName in the subjectAltName extension 2111 field and SHOULD support checking the name against the 2112 common name portion of the subject distinguished name. 2114 - The '*' (ASCII 0x2a) wildcard character is allowed in the 2115 dNSName of the subjectAltName extension (and in common 2116 name, if used to store the host name), but only as the 2117 left-most (least significant) DNS label in that value. 2118 This wildcard matches any left-most DNS label in the 2119 server name. That is, the subject *.example.com matches 2120 the server names a.example.com and b.example.com, but does 2121 not match example.com or a.b.example.com. Implementations 2122 MUST support wildcards in certificates as specified above, 2123 but MAY provide a configuration option to disable them. 2125 - If the locally configured name is an internationalized 2126 domain name, conforming implementations MUST convert it to 2127 the ASCII Compatible Encoding (ACE) format for performing 2128 comparisons, as specified in Section 7 of [RFC5280]. 2130 If the expected host name fails these conditions then the 2131 connection MUST be closed. 2133 If there is no row in this table corresponding to the entry 2134 in the SNMP-TARGET-MIB and the server can be authorized by 2135 another, implementation dependent means, then the connection 2136 MAY still proceed." 2138 ::= { snmpTlstmCertificateMapping 9 } 2140 snmpTlstmAddrEntry OBJECT-TYPE 2141 SYNTAX SnmpTlstmAddrEntry 2142 MAX-ACCESS not-accessible 2143 STATUS current 2144 DESCRIPTION 2145 "A conceptual row containing a copy of a certificate's 2146 fingerprint for a given snmpTargetAddrEntry. The values in 2147 this row should be ignored if the connection that needs to be 2148 established, as indicated by the SNMP-TARGET-MIB 2149 infrastructure, is not a (D)TLS based connection. If an 2150 snmpTlstmAddrEntry exists for a given snmpTargetAddrEntry then 2151 the presented server certificate MUST match or the connection 2152 MUST NOT be established. If a row in this table does not 2153 exist to match a snmpTargetAddrEntry row then the connection 2154 SHOULD still proceed if some other certificate validation path 2155 algorithm (e.g. RFC5280) can be used." 2156 INDEX { IMPLIED snmpTargetAddrName } 2157 ::= { snmpTlstmAddrTable 1 } 2159 SnmpTlstmAddrEntry ::= SEQUENCE { 2160 snmpTlstmAddrServerFingerprint Fingerprint, 2161 snmpTlstmAddrServerIdentity SnmpAdminString, 2162 snmpTlstmAddrStorageType StorageType, 2163 snmpTlstmAddrRowStatus RowStatus 2164 } 2166 snmpTlstmAddrServerFingerprint OBJECT-TYPE 2167 SYNTAX Fingerprint 2168 MAX-ACCESS read-create 2169 STATUS current 2170 DESCRIPTION 2171 "A cryptographic hash of a public X.509 certificate. This 2172 object should store the hash of the public X.509 certificate 2173 that the remote server should present during the (D)TLS 2174 connection setup. The fingerprint of the presented 2175 certificate and this hash value MUST match exactly or the 2176 connection MUST NOT be established." 2177 DEFVAL { "" } 2178 ::= { snmpTlstmAddrEntry 1 } 2180 snmpTlstmAddrServerIdentity OBJECT-TYPE 2181 SYNTAX SnmpAdminString 2182 MAX-ACCESS read-create 2183 STATUS current 2184 DESCRIPTION 2185 "The reference identity to check against the identity 2186 presented by the remote system." 2187 DEFVAL { "" } 2188 ::= { snmpTlstmAddrEntry 2 } 2190 snmpTlstmAddrStorageType OBJECT-TYPE 2191 SYNTAX StorageType 2192 MAX-ACCESS read-create 2193 STATUS current 2194 DESCRIPTION 2195 "The storage type for this conceptual row. Conceptual rows 2196 having the value 'permanent' need not allow write-access to 2197 any columnar objects in the row." 2198 DEFVAL { nonVolatile } 2199 ::= { snmpTlstmAddrEntry 3 } 2201 snmpTlstmAddrRowStatus OBJECT-TYPE 2202 SYNTAX RowStatus 2203 MAX-ACCESS read-create 2204 STATUS current 2205 DESCRIPTION 2206 "The status of this conceptual row. This object may be used 2207 to create or remove rows from this table. 2209 To create a row in this table, an administrator must set this 2210 object to either createAndGo(4) or createAndWait(5). 2212 Until instances of all corresponding columns are 2213 appropriately configured, the value of the 2214 corresponding instance of the snmpTlstmAddrRowStatus 2215 column is 'notReady'. 2217 In particular, a newly created row cannot be made active until 2218 the corresponding snmpTlstmAddrServerFingerprint column has been 2219 set. 2221 Rows MUST NOT be active if the snmpTlstmAddrServerFingerprint 2222 column is blank and the snmpTlstmAddrServerIdentity is set to 2223 '*' since this would insecurely accept any presented 2224 certificate. 2226 The snmpTlstmAddrServerFingerprint object may not be modified 2227 while the value of this object is active(1). 2229 An attempt to set these objects while the value of 2230 snmpTlstmAddrRowStatus is active(1) will result in 2231 an inconsistentValue error." 2232 ::= { snmpTlstmAddrEntry 4 } 2234 -- ************************************************ 2235 -- snmpTlstmNotifications - Notifications Information 2236 -- ************************************************ 2237 snmpTlstmServerCertificateUnknown NOTIFICATION-TYPE 2238 OBJECTS { snmpTlstmSessionUnknownServerCertificate } 2239 STATUS current 2240 DESCRIPTION 2241 "Notification that the server certificate presented by a SNMP 2242 over (D)TLS server was invalid because no configured 2243 fingerprint or CA was acceptable to validate it. This may be 2244 because there was no entry in the snmpTlstmAddrTable or 2245 because no path could be found to known certificate 2246 authority. 2248 To avoid notification loops, this notification MUST NOT be 2249 sent to servers that themselves have triggered the 2250 notification." 2251 ::= { snmpTlstmNotifications 1 } 2253 snmpTlstmServerInvalidCertificate NOTIFICATION-TYPE 2254 OBJECTS { snmpTlstmAddrServerFingerprint, 2255 snmpTlstmSessionInvalidServerCertificates} 2256 STATUS current 2257 DESCRIPTION 2258 "Notification that the server certificate presented by an SNMP 2259 over (D)TLS server could not be validated even if the 2260 fingerprint or expected validation path was known. I.E., a 2261 cryptographic validation occurred during certificate 2262 validation processing. 2264 To avoid notification loops, this notification MUST NOT be 2265 sent to servers that themselves have triggered the 2266 notification." 2267 ::= { snmpTlstmNotifications 2 } 2269 -- ************************************************ 2270 -- snmpTlstmCompliances - Conformance Information 2271 -- ************************************************ 2273 snmpTlstmCompliances OBJECT IDENTIFIER ::= { snmpTlstmConformance 1 } 2275 snmpTlstmGroups OBJECT IDENTIFIER ::= { snmpTlstmConformance 2 } 2277 -- ************************************************ 2278 -- Compliance statements 2279 -- ************************************************ 2281 snmpTlstmCompliance MODULE-COMPLIANCE 2282 STATUS current 2283 DESCRIPTION 2284 "The compliance statement for SNMP engines that support the 2285 SNMP-TLS-TM-MIB" 2286 MODULE 2287 MANDATORY-GROUPS { snmpTlstmStatsGroup, 2288 snmpTlstmIncomingGroup, 2289 snmpTlstmOutgoingGroup, 2290 snmpTlstmNotificationGroup } 2291 ::= { snmpTlstmCompliances 1 } 2293 -- ************************************************ 2294 -- Units of conformance 2295 -- ************************************************ 2296 snmpTlstmStatsGroup OBJECT-GROUP 2297 OBJECTS { 2298 snmpTlstmSessionOpens, 2299 snmpTlstmSessionClientCloses, 2300 snmpTlstmSessionOpenErrors, 2301 snmpTlstmSessionAccepts, 2302 snmpTlstmSessionServerCloses, 2303 snmpTlstmSessionNoSessions, 2304 snmpTlstmSessionInvalidClientCertificates, 2305 snmpTlstmSessionUnknownServerCertificate, 2306 snmpTlstmSessionInvalidServerCertificates, 2307 snmpTlstmSessionInvalidCaches 2308 } 2309 STATUS current 2310 DESCRIPTION 2311 "A collection of objects for maintaining 2312 statistical information of an SNMP engine which 2313 implements the SNMP TLS Transport Model." 2314 ::= { snmpTlstmGroups 1 } 2316 snmpTlstmIncomingGroup OBJECT-GROUP 2317 OBJECTS { 2318 snmpTlstmCertToTSNCount, 2319 snmpTlstmCertToTSNTableLastChanged, 2320 snmpTlstmCertToTSNFingerprint, 2321 snmpTlstmCertToTSNMapType, 2322 snmpTlstmCertToTSNData, 2323 snmpTlstmCertToTSNStorageType, 2324 snmpTlstmCertToTSNRowStatus 2325 } 2326 STATUS current 2327 DESCRIPTION 2328 "A collection of objects for maintaining 2329 incoming connection certificate mappings to 2330 tmSecurityNames of an SNMP engine which implements the 2331 SNMP TLS Transport Model." 2332 ::= { snmpTlstmGroups 2 } 2334 snmpTlstmOutgoingGroup OBJECT-GROUP 2335 OBJECTS { 2336 snmpTlstmParamsCount, 2337 snmpTlstmParamsTableLastChanged, 2338 snmpTlstmParamsClientFingerprint, 2339 snmpTlstmParamsStorageType, 2340 snmpTlstmParamsRowStatus, 2341 snmpTlstmAddrCount, 2342 snmpTlstmAddrTableLastChanged, 2343 snmpTlstmAddrServerFingerprint, 2344 snmpTlstmAddrServerIdentity, 2345 snmpTlstmAddrStorageType, 2346 snmpTlstmAddrRowStatus 2347 } 2348 STATUS current 2349 DESCRIPTION 2350 "A collection of objects for maintaining 2351 outgoing connection certificates to use when opening 2352 connections as a result of SNMP-TARGET-MIB settings." 2353 ::= { snmpTlstmGroups 3 } 2355 snmpTlstmNotificationGroup NOTIFICATION-GROUP 2356 NOTIFICATIONS { 2357 snmpTlstmServerCertificateUnknown, 2358 snmpTlstmServerInvalidCertificate 2359 } 2360 STATUS current 2361 DESCRIPTION 2362 "Notifications" 2363 ::= { snmpTlstmGroups 4 } 2365 END 2367 8. Operational Considerations 2369 This section discusses various operational aspects of deploying 2370 TLSTM. 2372 8.1. Sessions 2374 A session is discussed throughout this document as meaning a security 2375 association between two TLSTM instances. State information for the 2376 sessions are maintained in each TLSTM implementation and this 2377 information is created and destroyed as sessions are opened and 2378 closed. A "broken" session (one side up and one side down) can 2379 result if one side of a session is brought down abruptly (i.e., 2380 reboot, power outage, etc.). Whenever possible, implementations 2381 SHOULD provide graceful session termination through the use of 2382 disconnect messages. Implementations SHOULD also have a system in 2383 place for detecting "broken" sessions through the use of heartbeats 2384 [I-D.seggelmann-tls-dtls-heartbeat] or other detection mechanisms. 2386 Implementations SHOULD limit the lifetime of established sessions 2387 depending on the algorithms used for generation of the master session 2388 secret, the privacy and integrity algorithms used to protect 2389 messages, the environment of the session, the amount of data 2390 transferred, and the sensitivity of the data. 2392 8.2. Notification Receiver Credential Selection 2394 When an SNMP engine needs to establish an outgoing session for 2395 notifications, the snmpTargetParamsTable includes an entry for the 2396 snmpTargetParamsSecurityName of the target. Servers that wish to 2397 support multiple principals at a particular port SHOULD make use of 2398 the Server Name Indication extension defined in Section 3.1 of 2399 [RFC4366]. Without the Server Name Indication the receiving SNMP 2400 engine (Server) will not know which (D)TLS certificate to offer to 2401 the Client so that the tmSecurityName identity-authentication will be 2402 successful. 2404 Another solution is to maintain a one-to-one mapping between 2405 certificates and incoming ports for notification receivers. This can 2406 be handled at the notification originator by configuring the 2407 snmpTargetAddrTable (snmpTargetAddrTDomain and 2408 snmpTargetAddrTAddress) and requiring the receiving SNMP engine to 2409 monitor multiple incoming static ports based on which principals are 2410 capable of receiving notifications. 2412 Implementations MAY also choose to designate a single Notification 2413 Receiver Principal to receive all incoming notifications or select an 2414 implementation specific method of selecting a server certificate to 2415 present to clients. 2417 8.3. contextEngineID Discovery 2419 Most command responders have contextEngineIDs that are identical to 2420 the USM securityEngineID. USM provides a discovery service that 2421 allows command generators to determine a securityEngineID and thus a 2422 default contextEngineID to use. Because the TLS Transport Model does 2423 not make use of a securityEngineID, it may be difficult for command 2424 generators to discover a suitable default contextEngineID. 2425 Implementations should consider offering another engineID discovery 2426 mechanism to continue providing Command Generators with a suitable 2427 contextEngineID mechanism. A recommended discovery solution is 2428 documented in [RFC5343]. 2430 8.4. Transport Considerations 2432 This document defines how SNMP messages can be transmitted over the 2433 TLS and DTLS based protocols. Each of these protocols are 2434 additionally based on other transports (TCP and UDP). These two base 2435 protocols also have operational considerations that must be taken 2436 into consideration when selecting a (D)TLS based protocol to use such 2437 as its performance in degraded or limited networks. It is beyond the 2438 scope of this document to summarize the characteristics of these 2439 transport mechanisms. Please refer to the base protocol documents 2440 for details on messaging considerations with respect to MTU size, 2441 fragmentation, performance in lossy-networks, etc. 2443 9. Security Considerations 2445 This document describes a transport model that permits SNMP to 2446 utilize (D)TLS security services. The security threats and how the 2447 (D)TLS transport model mitigates these threats are covered in detail 2448 throughout this document. Security considerations for DTLS are 2449 covered in [RFC4347] and security considerations for TLS are 2450 described in Section 11 and Appendices D, E, and F of TLS 1.2 2451 [RFC5246]. When run over a connectionless transport such as UDP, 2452 DTLS is more vulnerable to denial of service attacks from spoofed IP 2453 addresses; see Section 4.2 for details how the cookie exchange is 2454 used to address this issue. 2456 9.1. Certificates, Authentication, and Authorization 2458 Implementations are responsible for providing a security certificate 2459 installation and configuration mechanism. Implementations SHOULD 2460 support certificate revocation lists. 2462 (D)TLS provides for authentication of the identity of both the (D)TLS 2463 server and the (D)TLS client. Access to MIB objects for the 2464 authenticated principal MUST be enforced by an access control 2465 subsystem (e.g. the VACM). 2467 Authentication of the command generator principal's identity is 2468 important for use with the SNMP access control subsystem to ensure 2469 that only authorized principals have access to potentially sensitive 2470 data. The authenticated identity of the command generator 2471 principal's certificate is mapped to an SNMP model-independent 2472 securityName for use with SNMP access control. 2474 The (D)TLS handshake only provides assurance that the certificate of 2475 the authenticated identity has been signed by an configured accepted 2476 certification authority. (D)TLS has no way to further authorize or 2477 reject access based on the authenticated identity. An Access Control 2478 Model (such as the VACM) provides access control and authorization of 2479 a command generator's requests to a command responder and a 2480 notification responder's authorization to receive Notifications from 2481 a notification originator. However to avoid man-in-the-middle 2482 attacks both ends of the (D)TLS based connection MUST check the 2483 certificate presented by the other side against what was expected. 2484 For example, command generators must check that the command responder 2485 presented and authenticated itself with a X.509 certificate that was 2486 expected. Not doing so would allow an impostor, at a minimum, to 2487 present false data, receive sensitive information and/or provide a 2488 false belief that configuration was actually received and acted upon. 2489 Authenticating and verifying the identity of the (D)TLS server and 2490 the (D)TLS client for all operations ensures the authenticity of the 2491 SNMP engine that provides MIB data. 2493 The instructions found in the DESCRIPTION clause of the 2494 snmpTlstmCertToTSNTable object must be followed exactly. It is also 2495 important that the rows of the table be searched in prioritized order 2496 starting with the row containing the lowest numbered 2497 snmpTlstmCertToTSNID value. 2499 9.2. Use with SNMPv1/SNMPv2c Messages 2501 The SNMPv1 and SNMPv2c message processing described in [RFC3584] (BCP 2502 74) always selects the SNMPv1 or SNMPv2c Security Models, 2503 respectively. Both of these and the User-based Security Model 2504 typically used with SNMPv3 derive the securityName and securityLevel 2505 from the SNMP message received, even when the message was received 2506 over a secure transport. Access control decisions are therefore made 2507 based on the contents of the SNMP message, rather than using the 2508 authenticated identity and securityLevel provided by the TLS 2509 Transport Model. 2511 9.3. MIB Module Security 2513 There are a number of management objects defined in this MIB module 2514 with a MAX-ACCESS clause of read-write and/or read-create. Such 2515 objects may be considered sensitive or vulnerable in some network 2516 environments. The support for SET operations in a non-secure 2517 environment without proper protection can have a negative effect on 2518 network operations. These are the tables and objects and their 2519 sensitivity/vulnerability: 2521 o The snmpTlstmParamsTable can be used to change the outgoing X.509 2522 certificate used to establish a (D)TLS connection. Modification 2523 to objects in this table need to be adequately authenticated since 2524 modification to values in this table will have profound impacts to 2525 the security of outbound connections from the device. Since 2526 knowledge of authorization rules and certificate usage mechanisms 2527 may be considered sensitive, protection from disclosure of the 2528 SNMP traffic via encryption is also highly recommended. 2530 o The snmpTlstmAddrTable can be used to change the expectations of 2531 the certificates presented by a remote (D)TLS server. 2532 Modification to objects in this table need to be adequately 2533 authenticated since modification to values in this table will have 2534 profound impacts to the security of outbound connections from the 2535 device. Since knowledge of authorization rules and certificate 2536 usage mechanisms may be considered sensitive, protection from 2537 disclosure of the SNMP traffic via encryption is also highly 2538 recommended. 2540 o The snmpTlstmCertToTSNTable is used to specify the mapping of 2541 incoming X.509 certificates to tmSecurityNames which eventually 2542 get mapped to a SNMPv3 securityName. Modification to objects in 2543 this table need to be adequately authenticated since modification 2544 to values in this table will have profound impacts to the security 2545 of incoming connections to the device. Since knowledge of 2546 authorization rules and certificate usage mechanisms may be 2547 considered sensitive, protection from disclosure of the SNMP 2548 traffic via encryption is also highly recommended. 2550 Some of the readable objects in this MIB module (i.e., objects with a 2551 MAX-ACCESS other than not-accessible) may be considered sensitive or 2552 vulnerable in some network environments. It is thus important to 2553 control even GET and/or NOTIFY access to these objects and possibly 2554 to even encrypt the values of these objects when sending them over 2555 the network via SNMP. These are the tables and objects and their 2556 sensitivity/vulnerability: 2558 o This MIB contains a collection of counters that monitor the (D)TLS 2559 connections being established with a device. Since knowledge of 2560 connection and certificate usage mechanisms may be considered 2561 sensitive, protection from disclosure of the SNMP traffic via 2562 encryption is also highly recommended. 2564 SNMP versions prior to SNMPv3 did not include adequate security. 2565 Even if the network itself is secure (for example by using IPsec), 2566 even then, there is no control as to who on the secure network is 2567 allowed to access and GET/SET (read/change/create/delete) the objects 2568 in this MIB module. 2570 It is RECOMMENDED that implementers consider the security features as 2571 provided by the SNMPv3 framework (see [RFC3410], section 8), 2572 including full support for the SNMPv3 cryptographic mechanisms (for 2573 authentication and privacy). 2575 Further, deployment of SNMP versions prior to SNMPv3 is NOT 2576 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 2577 enable cryptographic security. It is then a customer/operator 2578 responsibility to ensure that the SNMP entity giving access to an 2579 instance of this MIB module is properly configured to give access to 2580 the objects only to those principals (users) that have legitimate 2581 rights to indeed GET or SET (change/create/delete) them. 2583 10. IANA Considerations 2585 IANA is requested to assign: 2587 1. Two TCP/UDP port numbers from the "Registered Ports" range of the 2588 Port Numbers registry, with the following keywords (where TBD1 2589 and TBD2 correspond to the assigned port numbers): 2591 Keyword Decimal Description References 2592 ------- ------- ----------- ---------- 2593 snmptls TBD1/tcp SNMPv3-TLS [RFC-isms-dtls-tm] 2594 snmpdtls TBD1/udp SNMPv3-DTLS [RFC-isms-dtls-tm] 2595 snmptls-trap TBD2/tcp SNMPv3-Trap-TLS [RFC-isms-dtls-tm] 2596 snmpdtls-trap TBD2/udp SNMPv3-Trap-DTLS [RFC-isms-dtls-tm] 2598 These are the default ports for receipt of SNMP command messages 2599 (snmptls and snmpdtls) and SNMP notification messages (snmptls- 2600 trap and snmpdtls-trap) over a TLS Transport Model as defined in 2601 this document. 2603 2. An SMI number under snmpDomains for the snmpTLSTCPDomain object 2604 identifier, 2606 3. An SMI number under snmpDomains for the snmpDTLSUDPDomain object 2607 identifier, 2609 4. A SMI number under mib-2, for the MIB module in this document, 2611 5. "tls" as the corresponding prefix for the snmpTLSTCPDomain in the 2612 SNMP Transport Model registry, 2614 6. "dtls" as the corresponding prefix for the snmpDTLSUDPDomain in 2615 the SNMP Transport Model registry, 2617 RFC Editor's note: this section should be replaced with appropriate 2618 descriptive assignment text after IANA assignments are made and prior 2619 to publication. 2621 11. Acknowledgements 2623 This document closely follows and copies the Secure Shell Transport 2624 Model for SNMP defined by David Harrington and Joseph Salowey in 2625 [RFC5292]. 2627 This document was reviewed by the following people who helped provide 2628 useful comments (in alphabetical order): Andy Donati, Pasi Eronen, 2629 David Harrington, Jeffrey Hutzelman, Alan Luchuk, Michael Peck, Tom 2630 Petch, Randy Presuhn, Ray Purvis, Peter Saint-Andre, Joseph Salowey, 2631 Jurgen Schonwalder, Dave Shield, Robert Story. 2633 This work was supported in part by the United States Department of 2634 Defense. Large portions of this document are based on work by 2635 General Dynamics C4 Systems and the following individuals: Brian 2636 Baril, Kim Bryant, Dana Deluca, Dan Hanson, Tim Huemiller, John 2637 Holzhauer, Colin Hoogeboom, Dave Kornbau, Chris Knaian, Dan Knaul, 2638 Charles Limoges, Steve Moccaldi, Gerardo Orlando, and Brandon Yip. 2640 12. References 2642 12.1. Normative References 2644 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 2645 Requirement Levels", BCP 14, RFC 2119, March 1997. 2647 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 2648 Schoenwaelder, Ed., "Structure of Management Information 2649 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 2651 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 2652 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 2653 STD 58, RFC 2579, April 1999. 2655 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 2656 "Conformance Statements for SMIv2", STD 58, RFC 2580, 2657 April 1999. 2659 [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An 2660 Architecture for Describing Simple Network Management 2661 Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, 2662 December 2002. 2664 [RFC3413] Levi, D., Meyer, P., and B. Stewart, "Simple Network 2665 Management Protocol (SNMP) Applications", STD 62, 2666 RFC 3413, December 2002. 2668 [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model 2669 (USM) for version 3 of the Simple Network Management 2670 Protocol (SNMPv3)", STD 62, RFC 3414, December 2002. 2672 [RFC3415] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based 2673 Access Control Model (VACM) for the Simple Network 2674 Management Protocol (SNMP)", STD 62, RFC 3415, 2675 December 2002. 2677 [RFC3418] Presuhn, R., "Management Information Base (MIB) for the 2678 Simple Network Management Protocol (SNMP)", STD 62, 2679 RFC 3418, December 2002. 2681 [RFC3584] Frye, R., Levi, D., Routhier, S., and B. Wijnen, 2682 "Coexistence between Version 1, Version 2, and Version 3 2683 of the Internet-standard Network Management Framework", 2684 BCP 74, RFC 3584, August 2003. 2686 [RFC4347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer 2687 Security", RFC 4347, April 2006. 2689 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 2690 (TLS) Protocol Version 1.2", RFC 5246, August 2008. 2692 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 2693 Housley, R., and W. Polk, "Internet X.509 Public Key 2694 Infrastructure Certificate and Certificate Revocation List 2695 (CRL) Profile", RFC 5280, May 2008. 2697 [RFC5590] Harrington, D. and J. Schoenwaelder, "Transport Subsystem 2698 for the Simple Network Management Protocol (SNMP)", 2699 RFC 5590, June 2009. 2701 [RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model 2702 for the Simple Network Management Protocol (SNMP)", 2703 RFC 5591, June 2009. 2705 12.2. Informative References 2707 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 2708 "Introduction and Applicability Statements for Internet- 2709 Standard Management Framework", RFC 3410, December 2002. 2711 [RFC4366] Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., 2712 and T. Wright, "Transport Layer Security (TLS) 2713 Extensions", RFC 4366, April 2006. 2715 [RFC5292] Chen, E. and S. Sangli, "Address-Prefix-Based Outbound 2716 Route Filter for BGP-4", RFC 5292, August 2008. 2718 [RFC5343] Schoenwaelder, J., "Simple Network Management Protocol 2719 (SNMP) Context EngineID Discovery", RFC 5343, 2720 September 2008. 2722 [I-D.seggelmann-tls-dtls-heartbeat] 2723 Seggelmann, R., Tuexen, M., and M. Williams, "Transport 2724 Layer Security and Datagram Transport Layer Security 2725 Heartbeat Extension". 2727 Appendix A. Target and Notification Configuration Example 2729 Configuring the SNMP-TARGET-MIB and NOTIFICATION-MIB along with 2730 access control settings for the SNMP-VIEW-BASED-ACM-MIB can be a 2731 daunting task without an example to follow. The following section 2732 describes an example of what pieces must be in place to accomplish 2733 this configuration. 2735 The isAccessAllowed() ASI requires configuration to exist in the 2736 following SNMP-VIEW-BASED-ACM-MIB tables: 2738 vacmSecurityToGroupTable 2739 vacmAccessTable 2740 vacmViewTreeFamilyTable 2742 The only table that needs to be discussed as particularly different 2743 here is the vacmSecurityToGroupTable. This table is indexed by both 2744 the SNMPv3 security model and the security name. The security model, 2745 when TLSTM is in use, should be set to the value of 4, corresponding 2746 to the TSM [RFC5591]. An example vacmSecurityToGroupTable row might 2747 be filled out as follows (using a single SNMP SET request): 2749 vacmSecurityModel = 4 (TSM) 2750 vacmSecurityName = "blueberry" 2751 vacmGroupName = "administrators" 2752 vacmSecurityToGroupStorageType = 3 (nonVolatile) 2753 vacmSecurityToGroupStatus = 4 (createAndGo) 2755 This example will assume that the "administrators" group has been 2756 given proper permissions via rows in the vacmAccessTable and 2757 vacmViewTreeFamilyTable. 2759 Depending on whether this VACM configuration is for a Command 2760 Responder or a command generator the security name "blueberry" will 2761 come from a few different locations. 2763 A.1. Configuring the Notification Originator 2765 For notification originators performing authorization checks, the 2766 server's certificate must be verified against the expected 2767 certificate before proceeding to send the notification. The expected 2768 certificate from the server may be listed in the snmpTlstmAddrTable 2769 or may be determined through other X.509 path validation mechanisms. 2770 The securityName to use for VACM authorization checks is set by the 2771 SNMP-TARGET-MIB's snmpTargetParamsSecurityName column. 2773 The certificate that the notification originator should present to 2774 the server is taken from the snmpTlstmParamsClientFingerprint column 2775 from the appropriate entry in the snmpTlstmParamsTable table. (Or 2776 else a default certificate may be used if available.) 2778 To configure a notification originator to open a TLS over TCP 2779 connection to a notification receiver it must be configured so the 2780 server's presented certificate can be verified against the expected 2781 certificate before proceeding to send the notification. This is done 2782 by configuring the snmpTlstmAddrTable accordingly. For example, if 2783 the verification is done via certification path validation (to a 2784 trust anchor configured in implementation dependent manner), then the 2785 table entries could look like: 2787 snmpTargetAddrTable row: 2788 snmpTargetAddrName = "toNRAddr" 2789 snmpTargetAddrTDomain = snmpTLSTCPDomain 2790 snmpTargetAddrTAddress = "192.0.2.1:XXXTLSTCPTRAPPORT" 2791 snmpTargetAddrTimeout = 1500 2792 snmpTargetAddrRetryCount = 3 2793 snmpTargetAddrTagList = "toNRTag" 2794 snmpTargetAddrParams = "toNR" (MUST match below) 2795 snmpTargetAddrStorageType = 3 (nonVolatile) 2796 snmpTargetAddrColumnStatus = 4 (createAndGo) 2798 snmpTargetParamsTable row: 2799 snmpTargetParamsName = toNR 2800 snmpTargetParamsMPModel = SNMPv3 2801 snmpTargetParamsSecurityModel = 4 (TransportSecurityModel) 2802 snmpTargetParamsSecurityName = "blueberry" 2803 snmpTargetParamsSecurityLevel = 3 (authPriv) 2804 snmpTargetParamsStorageType = 3 (nonVolatile) 2805 snmpTargetParamsRowStatus = 4 (createAndGo0 2807 snmpTlstmAddrTable row: 2808 snmpTargetAddrName = "toNRAddr" 2809 snmpTlstmAddrServerFingerprint = "" 2810 snmpTlstmAddrServerIdentity = "server.example.org" 2811 snmpTlstmAddrStorageType = 3 (nonVolatile) 2812 snmpTlstmAddrRowStatus = 4 (createAndGo) 2814 Editor's note: replace the string "XXXTLSTCPTRAPPORT" above with the 2815 appropriately assigned "snmptls-trap" port. 2817 A.2. Configuring the Command Responder 2819 For command responder applications, the vacmSecurityName "blueberry" 2820 value is a value that derived from an incoming (D)TLS connection. 2821 The mapping from a recevied (D)TLS client certificate to a 2822 tmSecurityName is done with the snmpTlstmCertToTSNTable. The 2823 certificates must be loaded into the device so that a 2824 snmpTlstmCertToTSNEntry may refer to it. As an example, consider the 2825 following entry which will provide a mapping from a client's public 2826 X.509's hash fingerprint directly to the "blueberry" tmSecurityName: 2828 snmpTlstmCertToTSNID = 1 (chosen by ordering preference) 2829 snmpTlstmCertToTSNFingerprint = HASH (appropriate fingerprint) 2830 snmpTlstmCertToTSNMapType = snmpTlstmCertSpecified 2831 snmpTlstmCertToTSNSecurityName = "blueberry" 2832 snmpTlstmCertToTSNStorageType = 3 (nonVolatile) 2833 snmpTlstmCertToTSNRowStatus = 4 (createAndGo) 2835 The above is an example of how to map a particular certificate to a 2836 particular tmSecurityName. It is recommended, however, that users 2837 make use of direct subjectAltName or CommonName mappings where 2838 possible as it provides a more scalable approach to certificate 2839 management. This entry provides an example of using a subjectAltName 2840 mapping: 2842 snmpTlstmCertToTSNID = 1 (chosen by ordering preference) 2843 snmpTlstmCertToTSNFingerprint = HASH (appropriate fingerprint) 2844 snmpTlstmCertToTSNMapType = snmpTlstmCertSANAny 2845 snmpTlstmCertToTSNData = "" (not used) 2846 snmpTlstmCertToTSNStorageType = 3 (nonVolatile) 2847 snmpTlstmCertToTSNRowStatus = 4 (createAndGo) 2849 The above entry indicates the subjectAltName field for certificates 2850 created by an issuing certificate with a corresponding fingerprint 2851 will be trusted to always produce common names that are directly one- 2852 to-one mappable into tmSecurityNames. This type of configuration 2853 should only be used when the certificate authorities naming 2854 conventions are carefully controlled. 2856 In the example, if the incoming (D)TLS client provided certificate 2857 contained a subjectAltName where the first listed subjectAltName in 2858 the extension is the rfc822Name of "blueberry@example.com", the 2859 certificate was signed by a certificate matching the 2860 snmpTlstmCertToTSNFingerprint value and the CA's certificate was 2861 properly installed on the device then the string 2862 "blueberry@example.com" would be used as the tmSecurityName for the 2863 session. 2865 Author's Address 2867 Wes Hardaker 2868 Sparta, Inc. 2869 P.O. Box 382 2870 Davis, CA 95617 2871 USA 2873 Phone: +1 530 792 1913 2874 Email: ietf@hardakers.net