idnits 2.17.1 draft-ietf-isms-dtls-tm-11.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See https://trustee.ietf.org/license-info/) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The document has examples using IPv4 documentation addresses according to RFC6890, but does not use any IPv6 documentation addresses. Maybe there should be IPv6 examples, too? Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 367 has weird spacing: '...patcher v ...' == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (May 4, 2010) is 5105 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC-isms-dtls-tm' is mentioned on line 2655, but not defined == Unused Reference: 'RFC1033' is defined on line 2701, but no explicit reference was found in the text == Unused Reference: 'RFC3490' is defined on line 2741, but no explicit reference was found in the text == Unused Reference: 'I-D.draft-ietf-6man-text-addr-representation' is defined on line 2773, but no explicit reference was found in the text ** Downref: Normative reference to an Unknown state RFC: RFC 1033 ** Obsolete normative reference: RFC 3490 (Obsoleted by RFC 5890, RFC 5891) ** Obsolete normative reference: RFC 4347 (Obsoleted by RFC 6347) ** Obsolete normative reference: RFC 4366 (Obsoleted by RFC 5246, RFC 6066) ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446) Summary: 6 errors (**), 0 flaws (~~), 8 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 ISMS W. Hardaker 3 Internet-Draft Sparta, Inc. 4 Intended status: Standards Track May 4, 2010 5 Expires: November 5, 2010 7 Transport Layer Security (TLS) Transport Model for the Simple Network 8 Management Protocol (SNMP) 9 draft-ietf-isms-dtls-tm-11.txt 11 Abstract 13 This document describes a Transport Model for the Simple Network 14 Management Protocol (SNMP), that uses either the Transport Layer 15 Security protocol or the Datagram Transport Layer Security (DTLS) 16 protocol. The TLS and DTLS protocols provide authentication and 17 privacy services for SNMP applications. This document describes how 18 the TLS Transport Model (TLSTM) implements the needed features of a 19 SNMP Transport Subsystem to make this protection possible in an 20 interoperable way. 22 This transport model is designed to meet the security and operational 23 needs of network administrators. It supports sending of SNMP 24 messages over TLS/TCP and DTLS/UDP. The TLS mode can make use of 25 TCP's improved support for larger packet sizes and the DTLS mode 26 provides potentially superior operation in environments where a 27 connectionless (e.g. UDP) transport is preferred. Both TLS and DTLS 28 integrate well into existing public keying infrastructures. 30 This document also defines a portion of the Management Information 31 Base (MIB) for use with network management protocols. In particular 32 it defines objects for managing the TLS Transport Model for SNMP. 34 Status of this Memo 36 This Internet-Draft is submitted to IETF in full conformance with the 37 provisions of BCP 78 and BCP 79. 39 Internet-Drafts are working documents of the Internet Engineering 40 Task Force (IETF), its areas, and its working groups. Note that 41 other groups may also distribute working documents as Internet- 42 Drafts. 44 Internet-Drafts are draft documents valid for a maximum of six months 45 and may be updated, replaced, or obsoleted by other documents at any 46 time. It is inappropriate to use Internet-Drafts as reference 47 material or to cite them other than as "work in progress." 48 The list of current Internet-Drafts can be accessed at 49 http://www.ietf.org/ietf/1id-abstracts.txt. 51 The list of Internet-Draft Shadow Directories can be accessed at 52 http://www.ietf.org/shadow.html. 54 This Internet-Draft will expire on November 5, 2010. 56 Copyright Notice 58 Copyright (c) 2010 IETF Trust and the persons identified as the 59 document authors. All rights reserved. 61 This document is subject to BCP 78 and the IETF Trust's Legal 62 Provisions Relating to IETF Documents 63 (http://trustee.ietf.org/license-info) in effect on the date of 64 publication of this document. Please review these documents 65 carefully, as they describe your rights and restrictions with respect 66 to this document. Code Components extracted from this document must 67 include Simplified BSD License text as described in Section 4.e of 68 the Trust Legal Provisions and are provided without warranty as 69 described in the BSD License. 71 This document may contain material from IETF Documents or IETF 72 Contributions published or made publicly available before November 73 10, 2008. The person(s) controlling the copyright in some of this 74 material may not have granted the IETF Trust the right to allow 75 modifications of such material outside the IETF Standards Process. 76 Without obtaining an adequate license from the person(s) controlling 77 the copyright in such materials, this document may not be modified 78 outside the IETF Standards Process, and derivative works of it may 79 not be created outside the IETF Standards Process, except to format 80 it for publication as an RFC or to translate it into languages other 81 than English. 83 Table of Contents 85 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 86 1.1. Conventions . . . . . . . . . . . . . . . . . . . . . . . 8 87 2. The Transport Layer Security Protocol . . . . . . . . . . . . 9 88 3. How the TLSTM fits into the Transport Subsystem . . . . . . . 9 89 3.1. Security Capabilities of this Model . . . . . . . . . . . 11 90 3.1.1. Threats . . . . . . . . . . . . . . . . . . . . . . . 11 91 3.1.2. Message Protection . . . . . . . . . . . . . . . . . . 12 92 3.1.3. (D)TLS Connections . . . . . . . . . . . . . . . . . . 13 93 3.2. Security Parameter Passing . . . . . . . . . . . . . . . . 14 94 3.3. Notifications and Proxy . . . . . . . . . . . . . . . . . 14 95 4. Elements of the Model . . . . . . . . . . . . . . . . . . . . 15 96 4.1. X.509 Certificates . . . . . . . . . . . . . . . . . . . . 15 97 4.1.1. Provisioning for the Certificate . . . . . . . . . . . 15 98 4.2. (D)TLS Usage . . . . . . . . . . . . . . . . . . . . . . . 17 99 4.3. SNMP Services . . . . . . . . . . . . . . . . . . . . . . 17 100 4.3.1. SNMP Services for an Outgoing Message . . . . . . . . 17 101 4.3.2. SNMP Services for an Incoming Message . . . . . . . . 18 102 4.4. Cached Information and References . . . . . . . . . . . . 19 103 4.4.1. TLS Transport Model Cached Information . . . . . . . . 19 104 4.4.1.1. tmSecurityName . . . . . . . . . . . . . . . . . . 20 105 4.4.1.2. tmSessionID . . . . . . . . . . . . . . . . . . . 20 106 4.4.1.3. Session State . . . . . . . . . . . . . . . . . . 20 107 5. Elements of Procedure . . . . . . . . . . . . . . . . . . . . 20 108 5.1. Procedures for an Incoming Message . . . . . . . . . . . . 21 109 5.1.1. DTLS over UDP Processing for Incoming Messages . . . . 21 110 5.1.2. Transport Processing for Incoming SNMP Messages . . . 23 111 5.2. Procedures for an Outgoing SNMP Message . . . . . . . . . 24 112 5.3. Establishing or Accepting a Session . . . . . . . . . . . 26 113 5.3.1. Establishing a Session as a Client . . . . . . . . . . 26 114 5.3.2. Accepting a Session as a Server . . . . . . . . . . . 28 115 5.4. Closing a Session . . . . . . . . . . . . . . . . . . . . 29 116 6. MIB Module Overview . . . . . . . . . . . . . . . . . . . . . 29 117 6.1. Structure of the MIB Module . . . . . . . . . . . . . . . 30 118 6.2. Textual Conventions . . . . . . . . . . . . . . . . . . . 30 119 6.3. Statistical Counters . . . . . . . . . . . . . . . . . . . 30 120 6.4. Configuration Tables . . . . . . . . . . . . . . . . . . . 30 121 6.4.1. Notifications . . . . . . . . . . . . . . . . . . . . 30 122 6.5. Relationship to Other MIB Modules . . . . . . . . . . . . 30 123 6.5.1. MIB Modules Required for IMPORTS . . . . . . . . . . . 31 124 7. MIB Module Definition . . . . . . . . . . . . . . . . . . . . 31 125 8. Operational Considerations . . . . . . . . . . . . . . . . . . 53 126 8.1. Sessions . . . . . . . . . . . . . . . . . . . . . . . . . 53 127 8.2. Notification Receiver Credential Selection . . . . . . . . 54 128 8.3. contextEngineID Discovery . . . . . . . . . . . . . . . . 54 129 8.4. Transport Considerations . . . . . . . . . . . . . . . . . 54 130 8.5. IPv6 and securityName mapping when used with TSM and 131 VACM . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 132 9. Security Considerations . . . . . . . . . . . . . . . . . . . 55 133 9.1. Certificates, Authentication, and Authorization . . . . . 55 134 9.2. Use with SNMPv1/SNMPv2c Messages . . . . . . . . . . . . . 56 135 9.3. MIB Module Security . . . . . . . . . . . . . . . . . . . 57 136 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 58 137 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 59 138 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 60 139 12.1. Normative References . . . . . . . . . . . . . . . . . . . 60 140 12.2. Informative References . . . . . . . . . . . . . . . . . . 61 141 Appendix A. Target and Notification Configuration Example . . . . 62 142 A.1. Configuring a Notification Originator . . . . . . . . . . 62 143 A.2. Configuring TLSTM to Utilize a Simple Derivation of 144 tmSecurityName . . . . . . . . . . . . . . . . . . . . . . 63 145 A.3. Configuring TLSTM to Utilize Table-Driven Certificate 146 Mapping . . . . . . . . . . . . . . . . . . . . . . . . . 63 147 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 64 149 1. Introduction 151 It is important to understand the modular SNMPv3 architecture as 152 defined by [RFC3411] and enhanced by the Transport Subsystem 153 [RFC5590]. It is also important to understand the terminology of the 154 SNMPv3 architecture in order to understand where the Transport Model 155 described in this document fits into the architecture and how it 156 interacts with the other architecture subsystems. For a detailed 157 overview of the documents that describe the current Internet-Standard 158 Management Framework, please refer to Section 7 of [RFC3410]. 160 This document describes a Transport Model that makes use of the 161 Transport Layer Security (TLS) [RFC5246] and the Datagram Transport 162 Layer Security (DTLS) Protocol [RFC4347], within a transport 163 subsystem [RFC5590]. DTLS is the datagram variant of the Transport 164 Layer Security (TLS) protocol [RFC5246]. The Transport Model in this 165 document is referred to as the Transport Layer Security Transport 166 Model (TLSTM). TLS and DTLS take advantage of the X.509 public 167 keying infrastructure [RFC5280]. While (D)TLS supports multiple 168 authentication mechanisms, this document only discusses X.509 169 certificate based authentication. Although other forms of 170 authentication are possible they are outside the scope of this 171 specification. This transport model is designed to meet the security 172 and operational needs of network administrators, operating in both 173 environments where a connectionless (e.g. UDP) transport is 174 preferred and in environments where large quantities of data need to 175 be sent (e.g. over a TCP based stream). Both TLS and DTLS integrate 176 well into existing public keying infrastructures. This document 177 supports sending of SNMP messages over TLS/TCP and DTLS/UDP. 179 This document also defines a portion of the Management Information 180 Base (MIB) for use with network management protocols. In particular 181 it defines objects for managing the TLS Transport Model for SNMP. 183 Managed objects are accessed via a virtual information store, termed 184 the Management Information Base or MIB. MIB objects are generally 185 accessed through the Simple Network Management Protocol (SNMP). 186 Objects in the MIB are defined using the mechanisms defined in the 187 Structure of Management Information (SMI). This memo specifies a MIB 188 module that is compliant to the SMIv2, which is described in STD 58: 189 [RFC2578], [RFC2579] and [RFC2580]. 191 The diagram shown below gives a conceptual overview of two SNMP 192 entities communicating using the TLS Transport Model (shown as "TLS 193 TM"). One entity contains a command responder and notification 194 originator application, and the other a command generator and 195 notification receiver application. It should be understood that this 196 particular mix of application types is an example only and other 197 combinations are equally valid. Note: this diagram shows the 198 Transport Security Model (TSM) being used as the security model which 199 is defined in [RFC5591]. 201 +---------------------------------------------------------------------+ 202 | Network | 203 +---------------------------------------------------------------------+ 204 ^ | ^ | 205 |Notifications |Commands |Commands |Notifications 206 +---|---------------------|-------+ +--|---------------|--------------+ 207 | | V | | | V | 208 | +------------+ +------------+ | | +-----------+ +----------+ | 209 | | (D)TLS | | (D)TLS | | | | (D)TLS | | (D)TLS | | 210 | | (Client) | | (Server) | | | | (Client) | | (Server) | | 211 | +------------+ +------------+ | | +-----------+ +----------+ | 212 | ^ ^ | | ^ ^ | 213 | | | | | | | | 214 | +-------------+ | | +--------------+ | 215 | +-----|------------+ | | +-----|------------+ | 216 | | V | | | | V | | 217 | | +--------+ | +-----+ | | | +--------+ | +-----+ | 218 | | | TLS TM |<--------->|Cache| | | | | TLS TM |<--------->|Cache| | 219 | | +--------+ | +-----+ | | | +--------+ | +-----+ | 220 | |Transport Subsys. | ^ | | |Transport Subsys. | ^ | 221 | +------------------+ | | | +------------------+ | | 222 | ^ | | | ^ | | 223 | | +--+ | | | +--+ | 224 | v | | | V | | 225 | +-----+ +--------+ +-------+ | | | +-----+ +--------+ +-------+ | | 226 | | | |Message | |Securi.| | | | | | |Message | |Securi.| | | 227 | |Disp.| |Proc. | |Subsys.| | | | |Disp.| |Proc. | |Subsys.| | | 228 | | | |Subsys. | | | | | | | | |Subsys. | | | | | 229 | | | | | | | | | | | | | | | | | | 230 | | | | +----+ | | +---+ | | | | | | | +----+ | | +---+ | | | 231 | | <--->|v3MP|<--> |TSM|<--+ | | | <--->|v3MP|<--->|TSM|<--+ | 232 | | | | +----+ | | +---+ | | | | | | +----+ | | +---+ | | 233 | | | | | | | | | | | | | | | | 234 | +-----+ +--------+ +-------+ | | +-----+ +--------+ +-------+ | 235 | ^ | | ^ | 236 | | | | | | 237 | +-+------------+ | | +-+----------+ | 238 | | | | | | | | 239 | v v | | v V | 240 | +-------------+ +-------------+ | | +-------------+ +-------------+ | 241 | | COMMAND | | NOTIFICAT. | | | | COMMAND | | NOTIFICAT. | | 242 | | RESPONDER | | ORIGINATOR | | | | GENERATOR | | RECEIVER | | 243 | | application | | application | | | | application | | application | | 244 | +-------------+ +-------------+ | | +-------------+ +-------------+ | 245 | SNMP entity | | SNMP entity | 246 +---------------------------------+ +---------------------------------+ 248 1.1. Conventions 250 For consistency with SNMP-related specifications, this document 251 favors terminology as defined in STD 62, rather than favoring 252 terminology that is consistent with non-SNMP specifications. This is 253 consistent with the IESG decision to not require the SNMPv3 254 terminology be modified to match the usage of other non-SNMP 255 specifications when SNMPv3 was advanced to Full Standard. 257 "Authentication" in this document typically refers to the English 258 meaning of "serving to prove the authenticity of" the message, not 259 data source authentication or peer identity authentication. 261 The terms "manager" and "agent" are not used in this document 262 because, in the [RFC3411] architecture, all SNMP entities have the 263 capability of acting as manager, agent, or both depending on the SNMP 264 application types supported in the implementation. Where distinction 265 is required, the application names of command generator, command 266 responder, notification originator, notification receiver, and proxy 267 forwarder are used. See "SNMP Applications" [RFC3413] for further 268 information. 270 Large portions of this document simultaneously refer to both TLS and 271 DTLS when discussing TLSTM components that function equally with 272 either protocol. "(D)TLS" is used in these places to indicate that 273 the statement applies to either or both protocols as appropriate. 274 When a distinction between the protocols is needed they are referred 275 to independently through the use of "TLS" or "DTLS". The Transport 276 Model, however, is named "TLS Transport Model" and refers not to the 277 TLS or DTLS protocol but to the specification in this document, which 278 includes support for both TLS and DTLS. 280 Throughout this document, the terms "client" and "server" are used to 281 refer to the two ends of the (D)TLS transport connection. The client 282 actively opens the (D)TLS connection, and the server passively 283 listens for the incoming (D)TLS connection. An SNMP entity may act 284 as a (D)TLS client or server or both, depending on the SNMP 285 applications supported. 287 The User-Based Security Model (USM) [RFC3414] is a mandatory-to- 288 implement Security Model in STD 62. While (D)TLS and USM frequently 289 refer to a user, the terminology preferred in RFC3411 and in this 290 memo is "principal". A principal is the "who" on whose behalf 291 services are provided or processing takes place. A principal can be, 292 among other things, an individual acting in a particular role; a set 293 of individuals, with each acting in a particular role; an application 294 or a set of applications, or a combination of these within an 295 administrative domain. 297 Throughout this document, the term "session" is used to refer to a 298 secure association between two TLS Transport Models that permits the 299 transmission of one or more SNMP messages within the lifetime of the 300 session. The (D)TLS protocols also have an internal notion of a 301 session and although these two concepts of a session are related, 302 when the term "session" is used this document is referring to the 303 TLSTM's specific session and not directly to the (D)TLS protocol's 304 session. 306 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 307 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 308 document are to be interpreted as described in [RFC2119]. 310 2. The Transport Layer Security Protocol 312 (D)TLS provides authentication, data message integrity, and privacy 313 at the transport layer. (See [RFC4347]) 315 The primary goals of the TLS Transport Model are to provide privacy, 316 peer identity authentication and data integrity between two 317 communicating SNMP entities. The TLS and DTLS protocols provide a 318 secure transport upon which the TLSTM is based. Please refer to 319 [RFC5246] and [RFC4347] for complete descriptions of the protocols. 321 3. How the TLSTM fits into the Transport Subsystem 323 A transport model is a component of the Transport Subsystem. The TLS 324 Transport Model thus fits between the underlying (D)TLS transport 325 layer and the Message Dispatcher [RFC3411] component of the SNMP 326 engine. 328 The TLS Transport Model will establish a session between itself and 329 the TLS Transport Model of another SNMP engine. The sending 330 transport model passes unencrypted and unauthenticated messages from 331 the Dispatcher to (D)TLS to be encrypted and authenticated, and the 332 receiving transport model accepts decrypted and authenticated/ 333 integrity-checked incoming messages from (D)TLS and passes them to 334 the Dispatcher. 336 After a TLS Transport Model session is established, SNMP messages can 337 conceptually be sent through the session from one SNMP message 338 Dispatcher to another SNMP Message Dispatcher. If multiple SNMP 339 messages are needed to be passed between two SNMP applications they 340 MAY be passed through the same session. A TLSTM implementation 341 engine MAY choose to close the session to conserve resources. 343 The TLS Transport Model of an SNMP engine will perform the 344 translation between (D)TLS-specific security parameters and SNMP- 345 specific, model-independent parameters. 347 The diagram below depicts where the TLS Transport Model (shown as 348 "(D)TLS TM") fits into the architecture described in RFC3411 and the 349 Transport Subsystem: 351 +------------------------------+ 352 | Network | 353 +------------------------------+ 354 ^ ^ ^ 355 | | | 356 v v v 357 +-------------------------------------------------------------------+ 358 | +--------------------------------------------------+ | 359 | | Transport Subsystem | +--------+ | 360 | | +-----+ +-----+ +-------+ +-------+ | | | | 361 | | | UDP | | SSH | |(D)TLS | . . . | other |<--->| Cache | | 362 | | | | | TM | | TM | | | | | | | 363 | | +-----+ +-----+ +-------+ +-------+ | +--------+ | 364 | +--------------------------------------------------+ ^ | 365 | ^ | | 366 | | | | 367 | Dispatcher v | | 368 | +--------------+ +---------------------+ +----------------+ | | 369 | | Transport | | Message Processing | | Security | | | 370 | | Dispatch | | Subsystem | | Subsystem | | | 371 | | | | +------------+ | | +------------+ | | | 372 | | | | +->| v1MP |<--->| | USM | | | | 373 | | | | | +------------+ | | +------------+ | | | 374 | | | | | +------------+ | | +------------+ | | | 375 | | | | +->| v2cMP |<--->| | Transport | | | | 376 | | Message | | | +------------+ | | | Security |<--+ | 377 | | Dispatch <---->| +------------+ | | | Model | | | 378 | | | | +->| v3MP |<--->| +------------+ | | 379 | | | | | +------------+ | | +------------+ | | 380 | | PDU Dispatch | | | +------------+ | | | Other | | | 381 | +--------------+ | +->| otherMP |<--->| | Model(s) | | | 382 | ^ | +------------+ | | +------------+ | | 383 | | +---------------------+ +----------------+ | 384 | v | 385 | +-------+-------------------------+---------------+ | 386 | ^ ^ ^ | 387 | | | | | 388 | v v v | 389 | +-------------+ +---------+ +--------------+ +-------------+ | 390 | | COMMAND | | ACCESS | | NOTIFICATION | | PROXY | | 391 | | RESPONDER |<->| CONTROL |<->| ORIGINATOR | | FORWARDER | | 392 | | application | | | | applications | | application | | 393 | +-------------+ +---------+ +--------------+ +-------------+ | 394 | ^ ^ | 395 | | | | 396 | v v | 397 | +----------------------------------------------+ | 398 | | MIB instrumentation | SNMP entity | 399 +-------------------------------------------------------------------+ 401 3.1. Security Capabilities of this Model 403 3.1.1. Threats 405 The TLS Transport Model provides protection against the threats 406 identified by the RFC 3411 architecture [RFC3411]: 408 1. Modification of Information - The modification threat is the 409 danger that an unauthorized entity may alter in-transit SNMP 410 messages generated on behalf of an authorized principal in such a 411 way as to effect unauthorized management operations, including 412 falsifying the value of an object. 414 (D)TLS provides verification that the content of each received 415 message has not been modified during its transmission through the 416 network, data has not been altered or destroyed in an 417 unauthorized manner, and data sequences have not been altered to 418 an extent greater than can occur non-maliciously. 420 2. Masquerade - The masquerade threat is the danger that management 421 operations unauthorized for a given principal may be attempted by 422 assuming the identity of another principal that has the 423 appropriate authorizations. 425 The TLSTM verifies of the identity of the (D)TLS server through 426 the use of the (D)TLS protocol and X.509 certificates. A TLS 427 Transport Model implementation MUST support authentication of 428 both the server and the client. 430 3. Message stream modification - The re-ordering, delay or replay of 431 messages can and does occur through the natural operation of many 432 connectionless transport services. The message stream 433 modification threat is the danger that messages may be 434 maliciously re-ordered, delayed or replayed to an extent which is 435 greater than can occur through the natural operation of 436 connectionless transport services, in order to effect 437 unauthorized management operations. 439 (D)TLS provides replay protection with a MAC that includes a 440 sequence number. Since UDP provides no sequencing ability, DTLS 441 uses a sliding window protocol with the sequence number used for 442 replay protection (see [RFC4347]). 444 4. Disclosure - The disclosure threat is the danger of eavesdropping 445 on the exchanges between SNMP engines. 447 (D)TLS provides protection against the disclosure of information 448 to unauthorized recipients or eavesdroppers by allowing for 449 encryption of all traffic between SNMP engines. A TLS Transport 450 Model implementation MUST support message encryption to protect 451 sensitive data from eavesdropping attacks. 453 5. Denial of Service - the RFC 3411 architecture [RFC3411] states 454 that denial of service (DoS) attacks need not be addressed by an 455 SNMP security protocol. However, connectionless transports (like 456 DTLS over UDP) are susceptible to a variety of denial of service 457 attacks because they are more vulnerable to spoofed IP addresses. 458 See Section 4.2 for details how the cookie mechanism is used. 459 Note, however, that this mechanism does not provide any defense 460 against denial of service attacks mounted from valid IP 461 addresses. 463 See Section 9 for more detail on the security considerations 464 associated with the TLSTM and these security threats. 466 3.1.2. Message Protection 468 The RFC 3411 architecture recognizes three levels of security: 470 o without authentication and without privacy (noAuthNoPriv) 472 o with authentication but without privacy (authNoPriv) 474 o with authentication and with privacy (authPriv) 476 The TLS Transport Model determines from (D)TLS the identity of the 477 authenticated principal, the transport type and the transport address 478 associated with an incoming message. The TLS Transport Model 479 provides the identity and destination type and address to (D)TLS for 480 outgoing messages. 482 When an application requests a session for a message it also requests 483 a security level for that session. The TLS Transport Model MUST 484 ensure that the (D)TLS connection provides security at least as high 485 as the requested level of security. How the security level is 486 translated into the algorithms used to provide data integrity and 487 privacy is implementation-dependent. However, the NULL integrity and 488 encryption algorithms MUST NOT be used to fulfill security level 489 requests for authentication or privacy. Implementations MAY choose 490 to force (D)TLS to only allow cipher_suites that provide both 491 authentication and privacy to guarantee this assertion. 493 If a suitable interface between the TLS Transport Model and the 494 (D)TLS Handshake Protocol is implemented to allow the selection of 495 security level dependent algorithms (for example a security level to 496 cipher_suites mapping table) then different security levels may be 497 utilized by the application. 499 The authentication, integrity and privacy algorithms used by the 500 (D)TLS Protocols may vary over time as the science of cryptography 501 continues to evolve and the development of (D)TLS continues over 502 time. Implementers are encouraged to plan for changes in operator 503 trust of particular algorithms. Implementations SHOULD offer 504 configuration settings for mapping algorithms to SNMPv3 security 505 levels. 507 3.1.3. (D)TLS Connections 509 (D)TLS connections are opened by the TLS Transport Model during the 510 elements of procedure for an outgoing SNMP message. Since the sender 511 of a message initiates the creation of a (D)TLS connection if needed, 512 the (D)TLS connection will already exist for an incoming message. 514 Implementations MAY choose to instantiate (D)TLS connections in 515 anticipation of outgoing messages. This approach might be useful to 516 ensure that a (D)TLS connection to a given target can be established 517 before it becomes important to send a message over the (D)TLS 518 connection. Of course, there is no guarantee that a pre-established 519 session will still be valid when needed. 521 DTLS connections, when used over UDP, are uniquely identified within 522 the TLS Transport Model by the combination of transportDomain, 523 transportAddress, tmSecurityName, and requestedSecurityLevel 524 associated with each session. Each unique combination of these 525 parameters MUST have a locally-chosen unique tlstmSessionID for each 526 active session. For further information see Section 5. TLS over TCP 527 sessions, on the other hand, do not require a unique pairing of 528 address and port attributes since their lower layer protocols (TCP) 529 already provide adequate session framing. But they must still 530 provide a unique tlstmSessionID for referencing the session. 532 The tlstmSessionID identifier MUST NOT change during the entire 533 duration of the session from the TLSTM's perspective, and MUST 534 uniquely identify a single session. As an implementation hint: note 535 that the (D)TLS internal SessionID does not meet these requirements, 536 since it can change over the life of the connection as seen by the 537 TLSTM (for example, during renegotiation), and does not necessarily 538 uniquely identify a TLSTM session (there can be multiple TLSTM 539 sessions sharing the same D(TLS) internal SessionID). 541 3.2. Security Parameter Passing 543 For the (D)TLS server-side, (D)TLS-specific security parameters 544 (i.e., cipher_suites, X.509 certificate fields, IP address and port) 545 are translated by the TLS Transport Model into security parameters 546 for the TLS Transport Model and security model (e.g., 547 tmSecurityLevel, tmSecurityName, transportDomain, transportAddress). 548 The transport-related and (D)TLS-security-related information, 549 including the authenticated identity, are stored in a cache 550 referenced by tmStateReference. 552 For the (D)TLS client-side, the TLS Transport Model takes input 553 provided by the Dispatcher in the sendMessage() Abstract Service 554 Interface (ASI) and input from the tmStateReference cache. The 555 (D)TLS Transport Model converts that information into suitable 556 security parameters for (D)TLS and establishes sessions as needed. 558 The elements of procedure in Section 5 discuss these concepts in much 559 greater detail. 561 3.3. Notifications and Proxy 563 (D)TLS connections may be initiated by (D)TLS clients on behalf of 564 SNMP appplications that initiate communications, such as command 565 generators, notification originators, proxy forwarders. Command 566 generators are frequently operated by a human, but notification 567 originators and proxy forwarders are usually unmanned automated 568 processes. The targets to whom notifications and proxied requests 569 should be sent is typically determined and configured by a network 570 administrator. 572 The SNMP-TARGET-MIB module [RFC3413] contains objects for defining 573 management targets, including transportDomain, transportAddress, 574 securityName, securityModel, and securityLevel parameters, for 575 notification originator, proxy forwarder, and SNMP-controllable 576 command generator applications. Transport domains and transport 577 addresses are configured in the snmpTargetAddrTable, and the 578 securityModel, securityName, and securityLevel parameters are 579 configured in the snmpTargetParamsTable. This document defines a MIB 580 module that extends the SNMP-TARGET-MIB's snmpTargetParamsTable to 581 specify a (D)TLS client-side certificate to use for the connection. 583 When configuring a (D)TLS target, the snmpTargetAddrTDomain and 584 snmpTargetAddrTAddress parameters in snmpTargetAddrTable SHOULD be 585 set to the snmpTLSTCPDomain or snmpDTLSUDPDomain object and an 586 appropriate snmpTLSAddress value. When used with the SNMPv3 message 587 processing model, the snmpTargetParamsMPModel column of the 588 snmpTargetParamsTable SHOULD be set to a value of 3. The 589 snmpTargetParamsSecurityName SHOULD be set to an appropriate 590 securityName value and the snmpTlstmParamsClientFingerprint parameter 591 of the snmpTlstmParamsTable SHOULD be set a value that refers to a 592 locally held certificate (and the corresponding private key) to be 593 used. Other parameters, for example cryptographic configuration such 594 as which cipher suites to use, must come from configuration 595 mechanisms not defined in this document. 597 The securityName defined in the snmpTargetParamsSecurityName column 598 will be used by the access control model to authorize any 599 notifications that need to be sent. 601 4. Elements of the Model 603 This section contains definitions required to realize the (D)TLS 604 Transport Model defined by this document. 606 4.1. X.509 Certificates 608 (D)TLS can make use of X.509 certificates for authentication of both 609 sides of the transport. This section discusses the use of X.509 610 certificates in the TLSTM. 612 While (D)TLS supports multiple authentication mechanisms, this 613 document only discusses X.509 certificate based authentication; other 614 forms of authentication are outside the scope of this specification. 615 TLSTM implementations are REQUIRED to support X.509 certificates. 617 4.1.1. Provisioning for the Certificate 619 Authentication using (D)TLS will require that SNMP entities have 620 certificates, either signed by trusted certification authorities, or 621 self-signed. Furthermore, SNMP entities will most commonly need to 622 be provisioned with root certificates which represent the list of 623 trusted certificate authorities that an SNMP entity can use for 624 certificate verification. SNMP entities SHOULD also be provisioned 625 with a X.509 certificate revocation mechanism which can be used to 626 verify that a certificate has not been revoked. Trusted public keys 627 from either CA certificates and/or self-signed certificates MUST be 628 installed into the server through a trusted out of band mechanism and 629 their authenticity MUST be verified before access is granted. 631 Having received a certificate from a connecting TLSTM client, the 632 authenticated tmSecurityName of the principal is derived using the 633 snmpTlstmCertToTSNTable. This table allows mapping of incoming 634 connections to tmSecurityNames through defined transformations. The 635 transformations defined in the SNMP-TLS-TM-MIB include: 637 o Mapping a certificate's subjectAltName or CommonName components to 638 a tmSecurityName, or 640 o Mapping a certificate's fingerprint value to a directly specified 641 tmSecurityName 643 As an implementation hint: implementations may choose to discard any 644 connections for which no potential snmpTlstmCertToTSNTable mapping 645 exists before performing certificate verification to avoid expending 646 computational resources associated with certificate verification. 648 Deployments SHOULD map the "subjectAltName" component of X.509 649 certificates to the TLSTM specific tmSecurityNames. The 650 authenticated identity can be obtained by the TLS Transport Model by 651 extracting the subjectAltName(s) from the peer's certificate. The 652 receiving application will then have an appropriate tmSecurityName 653 for use by other SNMPv3 components like an access control model. 655 An example of this type of mapping setup can be found in Appendix A. 657 This tmSecurityName may be later translated from a TLSTM specific 658 tmSecurityName to a SNMP engine securityName by the security model. 659 A security model, like the TSM security model [RFC5591], may perform 660 an identity mapping or a more complex mapping to derive the 661 securityName from the tmSecurityName offered by the TLS Transport 662 Model. 664 A pictorial view of the complete transformation process (using the 665 TSM security model for the example) is shown below: 667 +-------------+ +-------+ +-----+ 668 | Certificate | | | | | 669 | Path | | TLSTM | tmSecurityName | TSM | 670 | Validation | --> | | ----------------->| | 671 +-------------+ +-------+ +-----+ 672 | 673 | securityName 674 V 675 +-------------+ 676 | application | 677 +-------------+ 679 4.2. (D)TLS Usage 681 (D)TLS MUST negotiate a cipher suite that uses X.509 certificates for 682 authentication, and MUST authenticate both the client and the server. 683 The mandatory-to-implement cipher suite is specified in the TLS 684 specification [RFC5246]. 686 TLSTM verifies the certificates when the connection is opened (see 687 Section 5.3). For this reason, TLS renegotiation with different 688 certificates MUST NOT be done. That is, implementations MUST either 689 disable renegotiation completely (RECOMMENDED), or MUST present the 690 same certificate during renegotiation (and MUST verify that the other 691 end presented the same certificate). 693 For DTLS over UDP, each SNMP message MUST be placed in a single UDP 694 datagram; it MAY be split to multiple DTLS records. In other words, 695 if a single datagram contains multiple DTLS application_data records, 696 they are concatenated when received. The TLSTM implementation SHOULD 697 return an error if the SNMP message does not fit in the UDP datagram, 698 and thus cannot be sent. 700 For DTLS over UDP, the DTLS server implementation MUST support DTLS 701 cookies ([RFC4347] already requires that clients support DTLS 702 cookies). Implementations are not required to perform the cookie 703 exchange for every DTLS handshake; however, enabling it by default is 704 RECOMMENDED. 706 For DTLS, replay protection MUST be used. 708 4.3. SNMP Services 710 This section describes the services provided by the TLS Transport 711 Model with their inputs and outputs. The services are between the 712 Transport Model and the Dispatcher. 714 The services are described as primitives of an abstract service 715 interface (ASI) and the inputs and outputs are described as abstract 716 data elements as they are passed in these abstract service 717 primitives. 719 4.3.1. SNMP Services for an Outgoing Message 721 The Dispatcher passes the information to the TLS Transport Model 722 using the ASI defined in the transport subsystem: 724 statusInformation = 725 sendMessage( 726 IN destTransportDomain -- transport domain to be used 727 IN destTransportAddress -- transport address to be used 728 IN outgoingMessage -- the message to send 729 IN outgoingMessageLength -- its length 730 IN tmStateReference -- reference to transport state 731 ) 733 The abstract data elements returned from or passed as parameters into 734 the abstract service primitives are as follows: 736 statusInformation: An indication of whether the sending of the 737 message was successful. If not, it is an indication of the 738 problem. 740 destTransportDomain: The transport domain for the associated 741 destTransportAddress. The Transport Model uses this parameter to 742 determine the transport type of the associated 743 destTransportAddress. This document specifies the 744 snmpTLSTCPDomain and the snmpDTLSUDPDomain transport domains. 746 destTransportAddress: The transport address of the destination TLS 747 Transport Model in a format specified by the SnmpTLSAddress 748 TEXTUAL-CONVENTION. 750 outgoingMessage: The outgoing message to send to (D)TLS for 751 encapsulation and transmission. 753 outgoingMessageLength: The length of the outgoingMessage. 755 tmStateReference: A reference used to pass model-specific and 756 mechanism-specific parameters between the Transport Subsystem and 757 transport-aware Security Models. 759 4.3.2. SNMP Services for an Incoming Message 761 The TLS Transport Model processes the received message from the 762 network using the (D)TLS service and then passes it to the Dispatcher 763 using the following ASI: 765 statusInformation = 766 receiveMessage( 767 IN transportDomain -- origin transport domain 768 IN transportAddress -- origin transport address 769 IN incomingMessage -- the message received 770 IN incomingMessageLength -- its length 771 IN tmStateReference -- reference to transport state 772 ) 774 The abstract data elements returned from or passed as parameters into 775 the abstract service primitives are as follows: 777 statusInformation: An indication of whether the passing of the 778 message was successful. If not, it is an indication of the 779 problem. 781 transportDomain: The transport domain for the associated 782 transportAddress. This document specifies the snmpTLSTCPDomain 783 and the snmpDTLSUDPDomain transport domains. 785 transportAddress: The transport address of the source of the 786 received message in a format specified by the SnmpTLSAddress 787 TEXTUAL-CONVENTION. 789 incomingMessage: The whole SNMP message after being processed by 790 (D)TLS. 792 incomingMessageLength: The length of the incomingMessage. 794 tmStateReference: A reference used to pass model-specific and 795 mechanism-specific parameters between the Transport Subsystem and 796 transport-aware Security Models. 798 4.4. Cached Information and References 800 When performing SNMP processing, there are two levels of state 801 information that may need to be retained: the immediate state linking 802 a request-response pair, and potentially longer-term state relating 803 to transport and security. "Transport Subsystem for the Simple 804 Network Management Protocol" [RFC5590] defines general requirements 805 for caches and references. 807 4.4.1. TLS Transport Model Cached Information 809 The TLS Transport Model has specific responsibilities regarding the 810 cached information. See the Elements of Procedure in Section 5 for 811 detailed processing instructions on the use of the tmStateReference 812 fields by the TLS Transport Model. 814 4.4.1.1. tmSecurityName 816 The tmSecurityName MUST be a human-readable name (in snmpAdminString 817 format) representing the identity that has been set according to the 818 procedures in Section 5. The tmSecurityName MUST be constant for all 819 traffic passing through a single TLSTM session. Messages MUST NOT be 820 sent through an existing (D)TLS connection that was established using 821 a different tmSecurityName. 823 On the (D)TLS server side of a connection the tmSecurityName is 824 derived using the procedures described in Section 5.3.2 and the SNMP- 825 TLS-TM-MIB's snmpTlstmCertToTSNTable DESCRIPTION clause. 827 On the (D)TLS client side of a connection the tmSecurityName is 828 presented to the TLS Transport Model by the application (possibly 829 because of configuration specified in the SNMP-TARGET-MIB). 831 The securityName MAY be derived from the tmSecurityName by a Security 832 Model and MAY be used to configure notifications and access controls 833 in MIB modules. Transport Models SHOULD generate a predictable 834 tmSecurityName so operators will know what to use when configuring 835 MIB modules that use securityNames derived from tmSecurityNames. The 836 TLSTM generates predictable tmSecurityNames based on the 837 configuration found in the SNMP-TLS-TM-MIB's snmpTlstmCertToTSNTable 838 and relies on the network operators to have configured this table 839 appropriately. 841 4.4.1.2. tmSessionID 843 The tmSessionID MUST be recorded per message at the time of receipt. 844 When tmSameSecurity is set, the recorded tmSessionID can be used to 845 determine whether the (D)TLS connection available for sending a 846 corresponding outgoing message is the same (D)TLS connection as was 847 used when receiving the incoming message (e.g., a response to a 848 request). 850 4.4.1.3. Session State 852 The per-session state that is referenced by tmStateReference may be 853 saved across multiple messages in a Local Configuration Datastore. 854 Additional session/connection state information might also be stored 855 in a Local Configuration Datastore. 857 5. Elements of Procedure 859 Abstract service interfaces have been defined by [RFC3411] and 860 further augmented by [RFC5590] to describe the conceptual data flows 861 between the various subsystems within an SNMP entity. The TLSTM uses 862 some of these conceptual data flows when communicating between 863 subsystems. 865 To simplify the elements of procedure, the release of state 866 information is not always explicitly specified. As a general rule, 867 if state information is available when a message gets discarded, the 868 message-state information should also be released. If state 869 information is available when a session is closed, the session state 870 information should also be released. Sensitive information, like 871 cryptographic keys, should be overwritten appropriately prior to 872 being released. 874 An error indication in statusInformation will typically include the 875 Object Identifier (OID) and value for an incremented error counter. 876 This may be accompanied by the requested securityLevel and the 877 tmStateReference. Per-message context information is not accessible 878 to Transport Models, so for the returned counter OID and value, 879 contextEngine would be set to the local value of snmpEngineID and 880 contextName to the default context for error counters. 882 5.1. Procedures for an Incoming Message 884 This section describes the procedures followed by the (D)TLS 885 Transport Model when it receives a (D)TLS protected packet. The 886 required functionality is broken into two different sections. 888 Section 5.1.1 describes the processing required for de-multiplexing 889 multiple DTLS connections, which is specifically needed for DTLS over 890 UDP sessions. It is assumed that TLS protocol implementations 891 already provide appropriate message demultiplexing. 893 Section 5.1.2 describes the transport processing required once the 894 (D)TLS processing has been completed. This will be needed for all 895 (D)TLS-based connections. 897 5.1.1. DTLS over UDP Processing for Incoming Messages 899 For connection-oriented transport protocols, such as TCP, the 900 transport protocol takes care of demultiplexing incoming packets to 901 the right connection. Depending on the DTLS implementation, for DTLS 902 over UDP, this demultiplexing may need to be done by the TLSTM 903 implementation. 905 Like TCP, DTLS over UDP uses the four-tuple for identifying the connection 907 (and relevant DTLS connection state). This means that when 908 establishing a new session, implementations MUST use a different UDP 909 source port number for each active connection to a remote destination 910 IP-address/port-number combination to ensure the remote entity can 911 disambiguate between multiple connections. 913 If demultiplexing received UDP datagrams to DTLS connection state is 914 done by the TLSTM implementation (instead of the DTLS 915 implementation), the steps below describe one possible method to 916 accomplish this. 918 The important output results from the steps in this process are the 919 remote transport address, incomingMessage, incomingMessageLength, and 920 the tlstmSessionID. 922 1) The TLS Transport Model examines the raw UDP message, in an 923 implementation-dependent manner. 925 2) The TLS Transport Model queries the Local Configuration Datastore 926 (LCD) (see [RFC3411] Section 3.4.2) using the transport 927 parameters (source and destination IP addresses and ports) to 928 determine if a session already exists. 930 2a) If a matching entry in the LCD does not exist, then the UDP 931 packet is passed to the DTLS implementation for processing. 932 If the DTLS implementation decides to continue with the 933 connection and allocate state for it, it returns a new DTLS 934 connection handle (an implementation dependent detail). In 935 this case, TLSTM selects a new tlstmSessionId, and caches 936 this and the DTLS connection handle as a new entry in the 937 LCD (indexed by the transport parameters). If the DTLS 938 implementation returns an error or does not allocate 939 connection state (which can happen with the stateless cookie 940 exchange), processing stops. 942 2b) If a session does exist in the LCD then its DTLS connection 943 handle (an implementation dependent detail) and its 944 tlstmSessionId is extracted from the LCD. The UDP packet 945 and the connection handle is passed to the DTLS 946 implementation. If the DTLS implementation returns success 947 but does not return an incomingMessage and an 948 incomingMessageLength then processing stops (this is the 949 case when the UDP datagram contained DTLS handshake 950 messages, for example). If the DTLS implementation returns 951 an error then processing stops. 953 3) Retrieve the incomingMessage and an incomingMessageLength from 954 DTLS. These results and the tlstmSessionID are used below in 955 Section 5.1.2 to complete the processing of the incoming message. 957 5.1.2. Transport Processing for Incoming SNMP Messages 959 The procedures in this section describe how the TLS Transport Model 960 should process messages that have already been properly extracted 961 from the (D)TLS stream. Note that care must be taken when processing 962 messages originating from either TLS or DTLS to ensure they're 963 complete and single. For example, multiple SNMP messages can be 964 passed through a single DTLS message and partial SNMP messages may be 965 received from a TLS stream. These steps describe the processing of a 966 singular SNMP message after it has been delivered from the (D)TLS 967 stream. 969 1) Determine the tlstmSessionID for the incoming message. The 970 tlstmSessionID MUST be a unique session identifier for this 971 (D)TLS connection. The contents and format of this identifier 972 are implementation-dependent as long as it is unique to the 973 session. A session identifier MUST NOT be reused until all 974 references to it are no longer in use. The tmSessionID is equal 975 to the tlstmSessionID discussed in Section 5.1.1. tmSessionID 976 refers to the session identifier when stored in the 977 tmStateReference and tlstmSessionID refers to the session 978 identifier when stored in the LCD. They MUST always be equal 979 when processing a given session's traffic. 981 If this is the first message received through this session and 982 the session does not have an assigned tlstmSessionID yet then the 983 snmpTlstmSessionAccepts counter is incremented and a 984 tlstmSessionID for the session is created. This will only happen 985 on the server side of a connection because a client would have 986 already assigned a tlstmSessionID during the openSession() 987 invocation. Implementations may have performed the procedures 988 described in Section 5.3.2 prior to this point or they may 989 perform them now, but the procedures described in Section 5.3.2 990 MUST be performed before continuing beyond this point. 992 2) Create a tmStateReference cache for the subsequent reference and 993 assign the following values within it: 995 tmTransportDomain = snmpTLSTCPDomain or snmpDTLSUDPDomain as 996 appropriate. 998 tmTransportAddress = The address the message originated from. 1000 tmSecurityLevel = The derived tmSecurityLevel for the session, 1001 as discussed in Section 3.1.2 and Section 5.3. 1003 tmSecurityName = The derived tmSecurityName for the session as 1004 discussed in Section 5.3. This value MUST be constant during 1005 the lifetime of the session. 1007 tmSessionID = The tlstmSessionID described in step 1 above. 1009 3) The incomingMessage and incomingMessageLength are assigned values 1010 from the (D)TLS processing. 1012 4) The TLS Transport Model passes the transportDomain, 1013 transportAddress, incomingMessage, and incomingMessageLength to 1014 the Dispatcher using the receiveMessage ASI: 1016 statusInformation = 1017 receiveMessage( 1018 IN transportDomain -- snmpTLSTCPDomain or snmpDTLSUDPDomain, 1019 IN transportAddress -- address for the received message 1020 IN incomingMessage -- the whole SNMP message from (D)TLS 1021 IN incomingMessageLength -- the length of the SNMP message 1022 IN tmStateReference -- transport info 1023 ) 1025 5.2. Procedures for an Outgoing SNMP Message 1027 The Dispatcher sends a message to the TLS Transport Model using the 1028 following ASI: 1030 statusInformation = 1031 sendMessage( 1032 IN destTransportDomain -- transport domain to be used 1033 IN destTransportAddress -- transport address to be used 1034 IN outgoingMessage -- the message to send 1035 IN outgoingMessageLength -- its length 1036 IN tmStateReference -- transport info 1037 ) 1039 This section describes the procedure followed by the TLS Transport 1040 Model whenever it is requested through this ASI to send a message. 1042 1) If tmStateReference does not refer to a cache containing values 1043 for tmTransportDomain, tmTransportAddress, tmSecurityName, 1044 tmRequestedSecurityLevel, and tmSameSecurity, then increment the 1045 snmpTlstmSessionInvalidCaches counter, discard the message, and 1046 return the error indication in the statusInformation. Processing 1047 of this message stops. 1049 2) Extract the tmSessionID, tmTransportDomain, tmTransportAddress, 1050 tmSecurityName, tmRequestedSecurityLevel, and tmSameSecurity 1051 values from the tmStateReference. Note: The tmSessionID value 1052 may be undefined if no session exists yet over which the message 1053 can be sent. 1055 3) If tmSameSecurity is true and either tmSessionID is undefined or 1056 refers to a session that is no longer open then increment the 1057 snmpTlstmSessionNoSessions counter, discard the message and 1058 return the error indication in the statusInformation. Processing 1059 of this message stops. 1061 4) If tmSameSecurity is false and tmSessionID refers to a session 1062 that is no longer available then an implementation SHOULD open a 1063 new session using the openSession() ASI (described in greater 1064 detail in step 5b). Instead of opening a new session an 1065 implementation MAY return a snmpTlstmSessionNoSessions error to 1066 the calling module and stop processing of the message. 1068 5) If tmSessionID is undefined, then use tmTransportDomain, 1069 tmTransportAddress, tmSecurityName and tmRequestedSecurityLevel 1070 to see if there is a corresponding entry in the LCD suitable to 1071 send the message over. 1073 5a) If there is a corresponding LCD entry, then this session 1074 will be used to send the message. 1076 5b) If there is no corresponding LCD entry, then open a session 1077 using the openSession() ASI (discussed further in 1078 Section 5.3.1). Implementations MAY wish to offer message 1079 buffering to prevent redundant openSession() calls for the 1080 same cache entry. If an error is returned from 1081 openSession(), then discard the message, discard the 1082 tmStateReference, increment the snmpTlstmSessionOpenErrors, 1083 return an error indication to the calling module and stop 1084 processing of the message. 1086 6) Using either the session indicated by the tmSessionID if there 1087 was one or the session resulting from a previous step (4 or 5), 1088 pass the outgoingMessage to (D)TLS for encapsulation and 1089 transmission. 1091 5.3. Establishing or Accepting a Session 1093 Establishing a (D)TLS connection as either a client or a server 1094 requires slightly different processing. The following two sections 1095 describe the necessary processing steps. 1097 5.3.1. Establishing a Session as a Client 1099 The TLS Transport Model provides the following primitive for use by a 1100 client to establish a new (D)TLS connection: 1102 statusInformation = -- errorIndication or success 1103 openSession( 1104 IN tmStateReference -- transport information to be used 1105 OUT tmStateReference -- transport information to be used 1106 IN maxMessageSize -- of the sending SNMP entity 1107 ) 1109 The following describes the procedure to follow when establishing a 1110 SNMP over (D)TLS connection between SNMP engines for exchanging SNMP 1111 messages. This process is followed by any SNMP client's engine when 1112 establishing a session for subsequent use. 1114 This procedure MAY be done automatically for an SNMP application that 1115 initiates a transaction, such as a command generator, a notification 1116 originator, or a proxy forwarder. 1118 1) The snmpTlstmSessionOpens counter is incremented. 1120 2) The client selects the appropriate certificate and cipher_suites 1121 for the key agreement based on the tmSecurityName and the 1122 tmRequestedSecurityLevel for the session. For sessions being 1123 established as a result of a SNMP-TARGET-MIB based operation, the 1124 certificate will potentially have been identified via the 1125 snmpTlstmParamsTable mapping and the cipher_suites will have to 1126 be taken from system-wide or implementation-specific 1127 configuration. If no row in the snmpTlstmParamsTable exists then 1128 implementations MAY choose to establish the connection using a 1129 default client certificate available to the application. 1130 Otherwise, the certificate and appropriate cipher_suites will 1131 need to be passed to the openSession() ASI as supplemental 1132 information or configured through an implementation-dependent 1133 mechanism. It is also implementation-dependent and possibly 1134 policy-dependent how tmRequestedSecurityLevel will be used to 1135 influence the security capabilities provided by the (D)TLS 1136 connection. However this is done, the security capabilities 1137 provided by (D)TLS MUST be at least as high as the level of 1138 security indicated by the tmRequestedSecurityLevel parameter. 1139 The actual security level of the session is reported in the 1140 tmStateReference cache as tmSecurityLevel. For (D)TLS to provide 1141 strong authentication, each principal acting as a command 1142 generator SHOULD have its own certificate. 1144 3) Using the destTransportDomain and destTransportAddress values, 1145 the client will initiate the (D)TLS handshake protocol to 1146 establish session keys for message integrity and encryption. 1148 If the attempt to establish a session is unsuccessful, then 1149 snmpTlstmSessionOpenErrors is incremented, an error indication is 1150 returned, and processing stops. If the session failed to open 1151 because the presented server certificate was unknown or invalid 1152 then the snmpTlstmSessionUnknownServerCertificate or 1153 snmpTlstmSessionInvalidServerCertificates MUST be incremented and 1154 a snmpTlstmServerCertificateUnknown or 1155 snmpTlstmServerInvalidCertificate notification SHOULD be sent as 1156 appropriate. Reasons for server certificate invalidation 1157 includes, but is not limited to, cryptographic validation 1158 failures and an unexpected presented certificate identity. 1160 4) The (D)TLS client MUST then verify that the (D)TLS server's 1161 presented certificate is the expected certificate. The (D)TLS 1162 client MUST NOT transmit SNMP messages until the server 1163 certificate has been authenticated, the client certificate has 1164 been transmitted and the TLS connection has been fully 1165 established. 1167 If the connection is being established from configuration based 1168 on SNMP-TARGET-MIB configuration, then the snmpTlstmAddrTable 1169 DESCRIPTION clause describes how the verification is done (using 1170 either a certificate fingerprint, or an identity authenticated 1171 via certification path validation). 1173 If the connection is being established for reasons other than 1174 configuration found in the SNMP-TARGET-MIB then configuration and 1175 procedures outside the scope of this document should be followed. 1176 Configuration mechanisms SHOULD be similar in nature to those 1177 defined in the snmpTlstmAddrTable to ensure consistency across 1178 management configuration systems. For example, a command-line 1179 tool for generating SNMP GETs might support specifying either the 1180 server's certificate fingerprint or the expected host name as a 1181 command line argument. 1183 5) (D)TLS provides assurance that the authenticated identity has 1184 been signed by a trusted configured certification authority. If 1185 verification of the server's certificate fails in any way (for 1186 example because of failures in cryptographic verification or the 1187 presented identity did not match the expected named entity) then 1188 the session establishment MUST fail, the 1189 snmpTlstmSessionInvalidServerCertificates object is incremented. 1190 If the session can not be opened for any reason at all, including 1191 cryptographic verification failures and snmpTlstmCertToTSNTable 1192 lookup failures, then the snmpTlstmSessionOpenErrors counter is 1193 incremented and processing stops. 1195 6) The TLSTM-specific session identifier (tlstmSessionID) is set in 1196 the tmSessionID of the tmStateReference passed to the TLS 1197 Transport Model to indicate that the session has been established 1198 successfully and to point to a specific (D)TLS connection for 1199 future use. The tlstmSessionID is also stored in the LCD for 1200 later lookup during processing of incoming messages 1201 (Section 5.1.2). 1203 5.3.2. Accepting a Session as a Server 1205 A (D)TLS server should accept new session connections from any client 1206 that it is able to verify the client's credentials for. This is done 1207 by authenticating the client's presented certificate through a 1208 certificate path validation process (e.g. [RFC5280]) or through 1209 certificate fingerprint verification using fingerprints configured in 1210 the snmpTlstmCertToTSNTable. Afterward the server will determine the 1211 identity of the remote entity using the following procedures. 1213 The (D)TLS server identifies the authenticated identity from the 1214 (D)TLS client's principal certificate using configuration information 1215 from the snmpTlstmCertToTSNTable mapping table. The (D)TLS server 1216 MUST request and expect a certificate from the client and MUST NOT 1217 accept SNMP messages over the (D)TLS connection until the client has 1218 sent a certificate and it has been authenticated. The resulting 1219 derived tmSecurityName is recorded in the tmStateReference cache as 1220 tmSecurityName. The details of the lookup process are fully 1221 described in the DESCRIPTION clause of the snmpTlstmCertToTSNTable 1222 MIB object. If any verification fails in any way (for example 1223 because of failures in cryptographic verification or because of the 1224 lack of an appropriate row in the snmpTlstmCertToTSNTable) then the 1225 session establishment MUST fail, and the 1226 snmpTlstmSessionInvalidClientCertificates object is incremented. If 1227 the session can not be opened for any reason at all, including 1228 cryptographic verification failures, then the 1229 snmpTlstmSessionOpenErrors counter is incremented and processing 1230 stops. 1232 Servers that wish to support multiple principals at a particular port 1233 SHOULD make use of a (D)TLS extension that allows server-side 1234 principal selection like the Server Name Indication extension defined 1235 in Section 3.1 of [RFC4366]. Supporting this will allow, for 1236 example, sending notifications to a specific principal at a given TCP 1237 or UDP port. 1239 5.4. Closing a Session 1241 The TLS Transport Model provides the following primitive to close a 1242 session: 1244 statusInformation = 1245 closeSession( 1246 IN tmSessionID -- session ID of the session to be closed 1247 ) 1249 The following describes the procedure to follow to close a session 1250 between a client and server. This process is followed by any SNMP 1251 engine closing the corresponding SNMP session. 1253 1) Increment either the snmpTlstmSessionClientCloses or the 1254 snmpTlstmSessionServerCloses counter as appropriate. 1256 2) Look up the session using the tmSessionID. 1258 3) If there is no open session associated with the tmSessionID, then 1259 closeSession processing is completed. 1261 4) Have (D)TLS close the specified connection. This MUST include 1262 sending a close_notify TLS Alert to inform the other side that 1263 session cleanup may be performed. 1265 6. MIB Module Overview 1267 This MIB module provides management of the TLS Transport Model. It 1268 defines needed textual conventions, statistical counters, 1269 notifications and configuration infrastructure necessary for session 1270 establishment. Example usage of the configuration tables can be 1271 found in Appendix A. 1273 6.1. Structure of the MIB Module 1275 Objects in this MIB module are arranged into subtrees. Each subtree 1276 is organized as a set of related objects. The overall structure and 1277 assignment of objects to their subtrees, and the intended purpose of 1278 each subtree, is shown below. 1280 6.2. Textual Conventions 1282 Generic and Common Textual Conventions used in this module can be 1283 found summarized at http://www.ops.ietf.org/mib-common-tcs.html 1285 This module defines the following new Textual Conventions: 1287 o A new TransportAddress format for describing (D)TLS connection 1288 addressing requirements. 1290 o A certificate fingerprint allowing MIB module objects to 1291 generically refer to a stored X.509 certificate using a 1292 cryptographic hash as a reference pointer. 1294 6.3. Statistical Counters 1296 The SNMP-TLS-TM-MIB defines counters that provide network management 1297 stations with information about session usage and potential errors 1298 that a MIB-instrumented device may be experiencing. 1300 6.4. Configuration Tables 1302 The SNMP-TLS-TM-MIB defines configuration tables that an 1303 administrator can use for configuring a MIB-instrumented device for 1304 sending and receiving SNMP messages over (D)TLS. In particular, 1305 there are MIB tables that extend the SNMP-TARGET-MIB for configuring 1306 (D)TLS certificate usage and a MIB table for mapping incoming (D)TLS 1307 client certificates to SNMPv3 securityNames. 1309 6.4.1. Notifications 1311 The SNMP-TLS-TM-MIB defines notifications to alert management 1312 stations when a (D)TLS connection fails because a server's presented 1313 certificate did not meet an expected value 1314 (snmpTlstmServerCertificateUnknown) or because cryptographic 1315 validation failed (snmpTlstmServerInvalidCertificate). 1317 6.5. Relationship to Other MIB Modules 1319 Some management objects defined in other MIB modules are applicable 1320 to an entity implementing the TLS Transport Model. In particular, it 1321 is assumed that an entity implementing the SNMP-TLS-TM-MIB will 1322 implement the SNMPv2-MIB [RFC3418], the SNMP-FRAMEWORK-MIB [RFC3411], 1323 the SNMP-TARGET-MIB [RFC3413], the SNMP-NOTIFICATION-MIB [RFC3413] 1324 and the SNMP-VIEW-BASED-ACM-MIB [RFC3415]. 1326 The SNMP-TLS-TM-MIB module contained in this document is for managing 1327 TLS Transport Model information. 1329 6.5.1. MIB Modules Required for IMPORTS 1331 The SNMP-TLS-TM-MIB module imports items from SNMPv2-SMI [RFC2578], 1332 SNMPv2-TC [RFC2579], SNMP-FRAMEWORK-MIB [RFC3411], SNMP-TARGET-MIB 1333 [RFC3413] and SNMPv2-CONF [RFC2580]. 1335 7. MIB Module Definition 1337 SNMP-TLS-TM-MIB DEFINITIONS ::= BEGIN 1339 IMPORTS 1340 MODULE-IDENTITY, OBJECT-TYPE, 1341 OBJECT-IDENTITY, mib-2, snmpDomains, 1342 Counter32, Unsigned32, Gauge32, NOTIFICATION-TYPE 1343 FROM SNMPv2-SMI 1344 TEXTUAL-CONVENTION, TimeStamp, RowStatus, StorageType, 1345 AutonomousType 1346 FROM SNMPv2-TC 1347 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 1348 FROM SNMPv2-CONF 1349 SnmpAdminString 1350 FROM SNMP-FRAMEWORK-MIB 1351 snmpTargetParamsName, snmpTargetAddrName 1352 FROM SNMP-TARGET-MIB 1353 ; 1355 snmpTlstmMIB MODULE-IDENTITY 1356 LAST-UPDATED "201005040000Z" 1357 ORGANIZATION "ISMS Working Group" 1358 CONTACT-INFO "WG-EMail: isms@lists.ietf.org 1359 Subscribe: isms-request@lists.ietf.org 1361 Chairs: 1362 Juergen Schoenwaelder 1363 Jacobs University Bremen 1364 Campus Ring 1 1365 28725 Bremen 1366 Germany 1367 +49 421 200-3587 1368 j.schoenwaelder@jacobs-university.de 1370 Russ Mundy 1371 SPARTA, Inc. 1372 7110 Samuel Morse Drive 1373 Columbia, MD 21046 1374 USA 1376 Editor: 1377 Wes Hardaker 1378 Sparta, Inc. 1379 P.O. Box 382 1380 Davis, CA 95617 1381 USA 1382 ietf@hardakers.net 1383 " 1385 DESCRIPTION " 1386 The TLS Transport Model MIB 1388 Copyright (c) 2010 IETF Trust and the persons identified as 1389 the document authors. All rights reserved. 1391 Redistribution and use in source and binary forms, with or 1392 without modification, is permitted pursuant to, and subject 1393 to the license terms contained in, the Simplified BSD License 1394 set forth in Section 4.c of the IETF Trust's Legal Provisions 1395 Relating to IETF Documents 1396 (http://trustee.ietf.org/license-info)." 1398 REVISION "201005040000Z" 1399 DESCRIPTION "This version of this MIB module is part of 1400 RFC XXXX; see the RFC itself for full legal 1401 notices." 1403 -- NOTE to RFC editor: replace XXXX with actual RFC number 1404 -- for this document and change the date to the 1405 -- current date and remove this note 1407 ::= { mib-2 www } 1408 -- RFC Ed.: replace www with IANA-assigned number under the mib-2 1409 -- SNMP OID tree and remove this note 1411 -- ************************************************ 1412 -- subtrees of the SNMP-TLS-TM-MIB 1413 -- ************************************************ 1414 snmpTlstmNotifications OBJECT IDENTIFIER ::= { snmpTlstmMIB 0 } 1415 snmpTlstmIdentities OBJECT IDENTIFIER ::= { snmpTlstmMIB 1 } 1416 snmpTlstmObjects OBJECT IDENTIFIER ::= { snmpTlstmMIB 2 } 1417 snmpTlstmConformance OBJECT IDENTIFIER ::= { snmpTlstmMIB 3 } 1419 -- ************************************************ 1420 -- snmpTlstmObjects - Objects 1421 -- ************************************************ 1423 snmpTLSTCPDomain OBJECT-IDENTITY 1424 STATUS current 1425 DESCRIPTION 1426 "The SNMP over TLS transport domain. The corresponding 1427 transport address is of type SnmpTLSAddress. 1429 The securityName prefix to be associated with the 1430 snmpTLSTCPDomain is 'tls'. This prefix may be used by 1431 security models or other components to identify which secure 1432 transport infrastructure authenticated a securityName." 1433 REFERENCE 1434 "RFC 2579: Textual Conventions for SMIv2" 1436 ::= { snmpDomains xx } 1438 -- RFC Ed.: replace xx with IANA-assigned number and 1439 -- remove this note 1441 -- RFC Ed.: replace 'tls' with the actual IANA assigned prefix string 1442 -- if 'tls' is not assigned to this document. 1444 snmpDTLSUDPDomain OBJECT-IDENTITY 1445 STATUS current 1446 DESCRIPTION 1447 "The SNMP over DTLS/UDP transport domain. The corresponding 1448 transport address is of type SnmpTLSAddress. 1450 The securityName prefix to be associated with the 1451 snmpDTLSUDPDomain is 'dtls'. This prefix may be used by 1452 security models or other components to identify which secure 1453 transport infrastructure authenticated a securityName." 1454 REFERENCE 1455 "RFC 2579: Textual Conventions for SMIv2" 1457 ::= { snmpDomains yy } 1459 -- RFC Ed.: replace yy with IANA-assigned number and 1460 -- remove this note 1462 -- RFC Ed.: replace 'dtls' with the actual IANA assigned prefix string 1463 -- if 'dtls' is not assigned to this document. 1465 SnmpTLSAddress ::= TEXTUAL-CONVENTION 1466 DISPLAY-HINT "1a" 1467 STATUS current 1468 DESCRIPTION 1469 "Represents a IPv4 address, an IPv6 address or an US-ASCII 1470 encoded hostname and port number. 1472 An IPv4 address must be in dotted decimal format followed by a 1473 colon ':' (US-ASCII character 0x3A) and a decimal port number 1474 in US-ASCII. 1476 An IPv6 address must be a colon separated format (as described 1477 in I-D.ietf-6man-text-addr-representation), surrounded by 1478 square brackets ('[', US-ASCII character 0x5B, and ']', 1479 US-ASCII character 0x5D), followed by a colon ':' (US-ASCII 1480 character 0x3A) and a decimal port number in US-ASCII. 1482 A hostname is always in US-ASCII (as per RFC1033); 1483 internationalized hostnames are encoded in US-ASCII as domain 1484 names after transformation via the ToASCII operation specified 1485 in RFC 3490. The ToASCII operation MUST be performed with the 1486 UseSTD3ASCIIRules flag set. The hostname is followed by a 1487 colon ':' (US-ASCII character 0x3A) and a decimal port number 1488 in US-ASCII. The name SHOULD be fully qualified whenever 1489 possible. 1491 Values of this textual convention may not be directly usable 1492 as transport-layer addressing information, and may require 1493 run-time resolution. As such, applications that write them 1494 must be prepared for handling errors if such values are not 1495 supported, or cannot be resolved (if resolution occurs at the 1496 time of the management operation). 1498 The DESCRIPTION clause of TransportAddress objects that may 1499 have SnmpTLSAddress values must fully describe how (and 1500 when) such names are to be resolved to IP addresses and vice 1501 versa. 1503 This textual convention SHOULD NOT be used directly in object 1504 definitions since it restricts addresses to a specific 1505 format. However, if it is used, it MAY be used either on its 1506 own or in conjunction with TransportAddressType or 1507 TransportDomain as a pair. 1509 When this textual convention is used as a syntax of an index 1510 object, there may be issues with the limit of 128 1511 sub-identifiers specified in SMIv2 (STD 58). It is RECOMMENDED 1512 that all MIB documents using this textual convention make 1513 explicit any limitations on index component lengths that 1514 management software must observe. This may be done either by 1515 including SIZE constraints on the index components or by 1516 specifying applicable constraints in the conceptual row 1517 DESCRIPTION clause or in the surrounding documentation." 1518 REFERENCE 1519 "RFC 1033: DOMAIN ADMINISTRATORS OPERATIONS GUIDE 1520 RFC 3490: Internationalizing Domain Names in Applications 1521 I-D.ietf-6man-text-addr-representation: 1522 A Recommendation for IPv6 Address Text Representation 1523 " 1524 SYNTAX OCTET STRING (SIZE (1..255)) 1526 -- RFC Editor: if I-D.ietf-6man-text-addr-representation fails to get 1527 -- published ahead of this draft, RFC3513 has been agreed to be a 1528 -- sufficient replacement instead. 1530 SnmpTLSFingerprint ::= TEXTUAL-CONVENTION 1531 DISPLAY-HINT "1x:254x" 1532 STATUS current 1533 DESCRIPTION 1534 "A fingerprint value that can be used to uniquely reference 1535 other data of potentially arbitrary length. 1537 A SnmpTLSFingerprint value is composed of a 1-octet hashing 1538 algorithm identifier followed by the fingerprint value. The 1539 octet value encoded is taken from the IANA TLS HashAlgorithm 1540 Registry (RFC5246). The remaining octets are filled using the 1541 results of the hashing algorithm. 1543 This TEXTUAL-CONVENTION allows for a zero-length (blank) 1544 SnmpTLSFingerprint value for use in tables where the 1545 fingerprint value may be optional. MIB definitions or 1546 implementations may refuse to accept a zero-length value as 1547 appropriate." REFERENCE "RFC 5246: The Transport Layer 1548 Security (TLS) Protocol Version 1.2 1549 http://www.iana.org/assignments/tls-parameters/ " SYNTAX OCTET 1550 STRING (SIZE (0..255)) 1552 -- Identities for use in the snmpTlstmCertToTSNTable 1554 snmpTlstmCertToTSNMIdentities OBJECT IDENTIFIER 1555 ::= { snmpTlstmIdentities 1 } 1557 snmpTlstmCertSpecified OBJECT-IDENTITY 1558 STATUS current 1559 DESCRIPTION "Directly specifies the tmSecurityName to be used for 1560 this certificate. The value of the tmSecurityName 1561 to use is specified in the snmpTlstmCertToTSNData 1562 column. The snmpTlstmCertToTSNData column must 1563 contain a non-zero length SnmpAdminString compliant 1564 value or the mapping described in this row must be 1565 considered a failure." 1566 ::= { snmpTlstmCertToTSNMIdentities 1 } 1568 snmpTlstmCertSANRFC822Name OBJECT-IDENTITY 1569 STATUS current 1570 DESCRIPTION "Maps a subjectAltName's rfc822Name to a 1571 tmSecurityName. The local part of the rfc822Name is 1572 passed unaltered but the host-part of the name must 1573 be passed in lower case. 1575 Example rfc822Name Field: FooBar@Example.COM 1576 is mapped to tmSecurityName: FooBar@example.com" 1577 ::= { snmpTlstmCertToTSNMIdentities 2 } 1579 snmpTlstmCertSANDNSName OBJECT-IDENTITY 1580 STATUS current 1581 DESCRIPTION "Maps a subjectAltName's dNSName to a 1582 tmSecurityName after first converting it to all 1583 lower case." 1584 ::= { snmpTlstmCertToTSNMIdentities 3 } 1586 snmpTlstmCertSANIpAddress OBJECT-IDENTITY 1587 STATUS current 1588 DESCRIPTION "Maps a subjectAltName's iPAddress to a 1589 tmSecurityName by transforming the binary encoded 1590 address as follows: 1592 1) for IPv4 the value is converted into a decimal 1593 dotted quad address (e.g. '192.0.2.1') 1595 2) for IPv6 addresses the value is converted into a 1596 32-character all lowercase hexadecimal string 1597 without any colon separators. 1599 Note that the resulting length is the maximum 1600 length supported by the View-Based Access Control 1601 Model (VACM). Note that using both the Transport 1602 Security Model's support for transport prefixes 1603 (see the SNMP-TSM-MIB's 1604 snmpTsmConfigurationUsePrefix object for details) 1605 will result in securityName lengths that exceed 1606 what VACM can handle." 1607 ::= { snmpTlstmCertToTSNMIdentities 4 } 1609 snmpTlstmCertSANAny OBJECT-IDENTITY 1610 STATUS current 1611 DESCRIPTION "Maps any of the following fields using the 1612 corresponding mapping algorithms: 1614 |------------+----------------------------| 1615 | Type | Algorithm | 1616 |------------+----------------------------| 1617 | rfc822Name | snmpTlstmCertSANRFC822Name | 1618 | dNSName | snmpTlstmCertSANDNSName | 1619 | iPAddress | snmpTlstmCertSANIpAddress | 1620 |------------+----------------------------| 1622 The first matching subjectAltName value found in the 1623 certificate of the above types MUST be used when 1624 deriving the tmSecurityName. The mapping algorithm 1625 specified in the 'Algorithm' column MUST be used to 1626 derive the tmSecurityName." 1627 ::= { snmpTlstmCertToTSNMIdentities 5 } 1629 snmpTlstmCertCommonName OBJECT-IDENTITY 1630 STATUS current 1632 DESCRIPTION "Maps a certificate's CommonName to a tmSecurityName 1633 after converting it to a UTF-8 encoding." 1634 ::= { snmpTlstmCertToTSNMIdentities 6 } 1636 -- The snmpTlstmSession Group 1638 snmpTlstmSession OBJECT IDENTIFIER ::= { snmpTlstmObjects 1 } 1640 snmpTlstmSessionOpens OBJECT-TYPE 1641 SYNTAX Counter32 1642 MAX-ACCESS read-only 1643 STATUS current 1644 DESCRIPTION 1645 "The number of times an openSession() request has been executed 1646 as an (D)TLS client, regardless of whether it succeeded or 1647 failed." 1648 ::= { snmpTlstmSession 1 } 1650 snmpTlstmSessionClientCloses OBJECT-TYPE 1651 SYNTAX Counter32 1652 MAX-ACCESS read-only 1653 STATUS current 1654 DESCRIPTION 1655 "The number of times a closeSession() request has been 1656 executed as an (D)TLS client, regardless of whether it 1657 succeeded or failed." 1658 ::= { snmpTlstmSession 2 } 1660 snmpTlstmSessionOpenErrors OBJECT-TYPE 1661 SYNTAX Counter32 1662 MAX-ACCESS read-only 1663 STATUS current 1664 DESCRIPTION 1665 "The number of times an openSession() request failed to open a 1666 session as a (D)TLS client, for any reason." 1667 ::= { snmpTlstmSession 3 } 1669 snmpTlstmSessionAccepts OBJECT-TYPE 1670 SYNTAX Counter32 1671 MAX-ACCESS read-only 1672 STATUS current 1673 DESCRIPTION 1674 "The number of times a (D)TLS server has accepted a new 1675 connection from a client and has received at least one SNMP 1676 message through it." 1677 ::= { snmpTlstmSession 4 } 1679 snmpTlstmSessionServerCloses OBJECT-TYPE 1680 SYNTAX Counter32 1681 MAX-ACCESS read-only 1682 STATUS current 1683 DESCRIPTION 1684 "The number of times a closeSession() request has been 1685 executed as an (D)TLS server, regardless of whether it 1686 succeeded or failed." 1687 ::= { snmpTlstmSession 5 } 1689 snmpTlstmSessionNoSessions OBJECT-TYPE 1690 SYNTAX Counter32 1691 MAX-ACCESS read-only 1692 STATUS current 1693 DESCRIPTION 1694 "The number of times an outgoing message was dropped because 1695 the session associated with the passed tmStateReference was no 1696 longer (or was never) available." 1697 ::= { snmpTlstmSession 6 } 1699 snmpTlstmSessionInvalidClientCertificates OBJECT-TYPE 1700 SYNTAX Counter32 1701 MAX-ACCESS read-only 1702 STATUS current 1703 DESCRIPTION 1704 "The number of times an incoming session was not established 1705 on an (D)TLS server because the presented client certificate 1706 was invalid. Reasons for invalidation include, but are not 1707 limited to, cryptographic validation failures or lack of a 1708 suitable mapping row in the snmpTlstmCertToTSNTable." 1709 ::= { snmpTlstmSession 7 } 1711 snmpTlstmSessionUnknownServerCertificate OBJECT-TYPE 1712 SYNTAX Counter32 1713 MAX-ACCESS read-only 1714 STATUS current 1715 DESCRIPTION 1716 "The number of times an outgoing session was not established 1717 on an (D)TLS client because the server certificate presented 1718 by a SNMP over (D)TLS server was invalid because no 1719 configured fingerprint or CA was acceptable to validate it. 1720 This may result because there was no entry in the 1721 snmpTlstmAddrTable or because no path could be found to a 1722 known certification authority." 1723 ::= { snmpTlstmSession 8 } 1725 snmpTlstmSessionInvalidServerCertificates OBJECT-TYPE 1726 SYNTAX Counter32 1727 MAX-ACCESS read-only 1728 STATUS current 1729 DESCRIPTION 1730 "The number of times an outgoing session was not established 1731 on an (D)TLS client because the server certificate presented 1732 by an SNMP over (D)TLS server could not be validated even if 1733 the fingerprint or expected validation path was known. I.E., 1734 a cryptographic validation error occurred during certificate 1735 validation processing. 1737 Reasons for invalidation include, but are not 1738 limited to, cryptographic validation failures." 1739 ::= { snmpTlstmSession 9 } 1741 snmpTlstmSessionInvalidCaches OBJECT-TYPE 1742 SYNTAX Counter32 1743 MAX-ACCESS read-only 1744 STATUS current 1745 DESCRIPTION 1746 "The number of outgoing messages dropped because the 1747 tmStateReference referred to an invalid cache." 1749 ::= { snmpTlstmSession 10 } 1751 -- Configuration Objects 1753 snmpTlstmConfig OBJECT IDENTIFIER ::= { snmpTlstmObjects 2 } 1755 -- Certificate mapping 1757 snmpTlstmCertificateMapping OBJECT IDENTIFIER ::= { snmpTlstmConfig 1 } 1759 snmpTlstmCertToTSNCount OBJECT-TYPE 1760 SYNTAX Gauge32 1761 MAX-ACCESS read-only 1762 STATUS current 1763 DESCRIPTION 1764 "A count of the number of entries in the 1765 snmpTlstmCertToTSNTable" 1766 ::= { snmpTlstmCertificateMapping 1 } 1768 snmpTlstmCertToTSNTableLastChanged OBJECT-TYPE 1769 SYNTAX TimeStamp 1770 MAX-ACCESS read-only 1771 STATUS current 1772 DESCRIPTION 1773 "The value of sysUpTime.0 when the snmpTlstmCertToTSNTable was 1774 last modified through any means, or 0 if it has not been 1775 modified since the command responder was started." 1776 ::= { snmpTlstmCertificateMapping 2 } 1778 snmpTlstmCertToTSNTable OBJECT-TYPE 1779 SYNTAX SEQUENCE OF SnmpTlstmCertToTSNEntry 1780 MAX-ACCESS not-accessible 1781 STATUS current 1782 DESCRIPTION 1783 "This table is used by a (D)TLS server to map the (D)TLS 1784 client's presented X.509 certificate to a tmSecurityName. 1786 On an incoming (D)TLS/SNMP connection the client's presented 1787 certificate must either be validated based on an established 1788 trust anchor, or it must directly match a fingerprint in this 1789 table. This table does not provide any mechanisms for 1790 configuring the trust anchors; the transfer of any needed 1791 trusted certificates for path validation is expected to occur 1792 through an out-of-band transfer. 1794 Once the certificate has been found acceptable (either by path 1795 validation or directly matching a fingerprint in this table), 1796 this table is consulted to determine the appropriate 1797 tmSecurityName to identify with the remote connection. This 1798 is done by considering each active row from this table in 1799 prioritized order according to its snmpTlstmCertToTSNID value. 1800 Each row's snmpTlstmCertToTSNFingerprint value determines 1801 whether the row is a match for the incoming connection: 1803 1) If the row's snmpTlstmCertToTSNFingerprint value 1804 identifies the presented certificate then consider the 1805 row as a successful match. 1807 2) If the row's snmpTlstmCertToTSNFingerprint value 1808 identifies a locally held copy of a trusted CA 1809 certificate and that CA certificate was used to 1810 validate the path to the presented certificate then 1811 consider the row as a successful match. 1813 Once a matching row has been found, the 1814 snmpTlstmCertToTSNMapType value can be used to determine how 1815 the tmSecurityName to associate with the session should be 1816 determined. See the snmpTlstmCertToTSNMapType column's 1817 DESCRIPTION for details on determining the tmSecurityName 1818 value. If it is impossible to determine a tmSecurityName from 1819 the row's data combined with the data presented in the 1820 certificate then additional rows MUST be searched looking for 1821 another potential match. If a resulting tmSecurityName mapped 1822 from a given row is not compatible with the needed 1823 requirements of a tmSecurityName (e.g., VACM imposes a 1824 32-octet-maximum length and the certificate derived 1825 securityName could be longer) then it must be considered an 1826 invalid match and additional rows MUST be searched looking for 1827 another potential match. 1829 If no matching and valid row can be found, the connection MUST 1830 be closed and SNMP messages MUST NOT be accepted over it. 1832 Missing values of snmpTlstmCertToTSNID are acceptable and 1833 implementations should continue to the next highest numbered 1834 row. It is recommended that administrators skip index values 1835 to leave room for the insertion of future rows (E.G., use values 1836 of 10 and 20 when creating initial rows). 1838 Users are encouraged to make use of certificates with 1839 subjectAltName fields that can be used as tmSecurityNames so 1840 that a single root CA certificate can allow all child 1841 certificate's subjectAltName to map directly to a 1842 tmSecurityName via a 1:1 transformation. However, this table 1843 is flexible to allow for situations where existing deployed 1844 certificate infrastructures do not provide adequate 1845 subjectAltName values for use as tmSecurityNames. 1846 Certificates may also be mapped to tmSecurityNames using the 1847 CommonName portion of the Subject field. However, the usage 1848 of the CommonName field is deprecated and thus this usage is 1849 NOT RECOMMENDED. Direct mapping from each individual 1850 certificate fingerprint to a tmSecurityName is also possible 1851 but requires one entry in the table per tmSecurityName and 1852 requires more management operations to completely configure a 1853 device." 1854 ::= { snmpTlstmCertificateMapping 3 } 1856 snmpTlstmCertToTSNEntry OBJECT-TYPE 1857 SYNTAX SnmpTlstmCertToTSNEntry 1858 MAX-ACCESS not-accessible 1859 STATUS current 1860 DESCRIPTION 1861 "A row in the snmpTlstmCertToTSNTable that specifies a mapping 1862 for an incoming (D)TLS certificate to a tmSecurityName to use 1863 for a connection." 1864 INDEX { snmpTlstmCertToTSNID } 1865 ::= { snmpTlstmCertToTSNTable 1 } 1867 SnmpTlstmCertToTSNEntry ::= SEQUENCE { 1868 snmpTlstmCertToTSNID Unsigned32, 1869 snmpTlstmCertToTSNFingerprint SnmpTLSFingerprint, 1870 snmpTlstmCertToTSNMapType AutonomousType, 1871 snmpTlstmCertToTSNData OCTET STRING, 1872 snmpTlstmCertToTSNStorageType StorageType, 1873 snmpTlstmCertToTSNRowStatus RowStatus 1874 } 1876 snmpTlstmCertToTSNID OBJECT-TYPE 1877 SYNTAX Unsigned32 (1..4294967295) 1878 MAX-ACCESS not-accessible 1879 STATUS current 1880 DESCRIPTION 1881 "A unique, prioritized index for the given entry. Lower 1882 numbers indicate a higher priority." 1883 ::= { snmpTlstmCertToTSNEntry 1 } 1885 snmpTlstmCertToTSNFingerprint OBJECT-TYPE 1886 SYNTAX SnmpTLSFingerprint (SIZE(1..255)) 1887 MAX-ACCESS read-create 1888 STATUS current 1889 DESCRIPTION 1890 "A cryptographic hash of a X.509 certificate. The results of 1891 a successful matching fingerprint to either the trusted CA in 1892 the certificate validation path or to the certificate itself 1893 is dictated by the snmpTlstmCertToTSNMapType column." 1894 ::= { snmpTlstmCertToTSNEntry 2 } 1896 snmpTlstmCertToTSNMapType OBJECT-TYPE 1897 SYNTAX AutonomousType 1898 MAX-ACCESS read-create 1899 STATUS current 1900 DESCRIPTION 1901 "Specifies the mapping type for deriving a tmSecurityName from 1902 a certificate. Details for mapping of a particular type SHALL 1903 be specified in the DESCRIPTION clause of the OBJECT-IDENTITY 1904 that describes the mapping. If a mapping succeeds it will 1905 return a tmSecurityName for use by the TLSTM model and 1906 processing stops. 1908 If the resulting mapped value is not compatible with the 1909 needed requirements of a tmSecurityName (e.g., VACM imposes a 1910 32-octet-maximum length and the certificate derived 1911 securityName could be longer) then future rows MUST be 1912 searched for additional snmpTlstmCertToTSNFingerprint matches 1913 to look for a mapping that succeeds. 1915 Suitable values for assigning to this object that are defined 1916 within the SNMP-TLS-TM-MIB can be found in the 1917 snmpTlstmCertToTSNMIdentities portion of the MIB tree." 1918 DEFVAL { snmpTlstmCertSpecified } 1919 ::= { snmpTlstmCertToTSNEntry 3 } 1921 snmpTlstmCertToTSNData OBJECT-TYPE 1922 SYNTAX OCTET STRING (SIZE(0..1024)) 1923 MAX-ACCESS read-create 1924 STATUS current 1925 DESCRIPTION 1926 "Auxiliary data used as optional configuration information for 1927 a given mapping specified by the snmpTlstmCertToTSNMapType 1928 column. Only some mapping systems will make use of this 1929 column. The value in this column MUST be ignored for any 1930 mapping type that does not require data present in this 1931 column." 1932 DEFVAL { "" } 1933 ::= { snmpTlstmCertToTSNEntry 4 } 1935 snmpTlstmCertToTSNStorageType OBJECT-TYPE 1936 SYNTAX StorageType 1937 MAX-ACCESS read-create 1938 STATUS current 1939 DESCRIPTION 1940 "The storage type for this conceptual row. Conceptual rows 1941 having the value 'permanent' need not allow write-access to 1942 any columnar objects in the row." 1943 DEFVAL { nonVolatile } 1944 ::= { snmpTlstmCertToTSNEntry 5 } 1946 snmpTlstmCertToTSNRowStatus OBJECT-TYPE 1947 SYNTAX RowStatus 1948 MAX-ACCESS read-create 1949 STATUS current 1950 DESCRIPTION 1951 "The status of this conceptual row. This object may be used 1952 to create or remove rows from this table. 1954 To create a row in this table, an administrator must set this 1955 object to either createAndGo(4) or createAndWait(5). 1957 Until instances of all corresponding columns are appropriately 1958 configured, the value of the corresponding instance of the 1959 snmpTlstmParamsRowStatus column is notReady(3). 1961 In particular, a newly created row cannot be made active until 1962 the corresponding snmpTlstmCertToTSNFingerprint, 1963 snmpTlstmCertToTSNMapType, and snmpTlstmCertToTSNData columns 1964 have been set. 1966 The following objects may not be modified while the 1967 value of this object is active(1): 1968 - snmpTlstmCertToTSNFingerprint 1969 - snmpTlstmCertToTSNMapType 1970 - snmpTlstmCertToTSNData 1971 An attempt to set these objects while the value of 1972 snmpTlstmParamsRowStatus is active(1) will result in 1973 an inconsistentValue error." 1974 ::= { snmpTlstmCertToTSNEntry 6 } 1976 -- Maps tmSecurityNames to certificates for use by the SNMP-TARGET-MIB 1978 snmpTlstmParamsCount OBJECT-TYPE 1979 SYNTAX Gauge32 1980 MAX-ACCESS read-only 1981 STATUS current 1982 DESCRIPTION 1983 "A count of the number of entries in the snmpTlstmParamsTable" 1984 ::= { snmpTlstmCertificateMapping 4 } 1986 snmpTlstmParamsTableLastChanged OBJECT-TYPE 1987 SYNTAX TimeStamp 1988 MAX-ACCESS read-only 1989 STATUS current 1990 DESCRIPTION 1991 "The value of sysUpTime.0 when the snmpTlstmParamsTable 1992 was last modified through any means, or 0 if it has not been 1993 modified since the command responder was started." 1994 ::= { snmpTlstmCertificateMapping 5 } 1996 snmpTlstmParamsTable OBJECT-TYPE 1997 SYNTAX SEQUENCE OF SnmpTlstmParamsEntry 1998 MAX-ACCESS not-accessible 1999 STATUS current 2000 DESCRIPTION 2001 "This table is used by a (D)TLS client when a (D)TLS 2002 connection is being set up using an entry in the 2003 SNMP-TARGET-MIB. It extends the SNMP-TARGET-MIB's 2004 snmpTargetParamsTable with a fingerprint of a certificate to 2005 use when establishing such a (D)TLS connection." 2006 ::= { snmpTlstmCertificateMapping 6 } 2008 snmpTlstmParamsEntry OBJECT-TYPE 2009 SYNTAX SnmpTlstmParamsEntry 2010 MAX-ACCESS not-accessible 2011 STATUS current 2012 DESCRIPTION 2013 "A conceptual row containing a fingerprint hash of a locally 2014 held certificate for a given snmpTargetParamsEntry. The 2015 values in this row should be ignored if the connection that 2016 needs to be established, as indicated by the SNMP-TARGET-MIB 2017 infrastructure, is not a certificate and (D)TLS based 2018 connection. The connection SHOULD NOT be established if the 2019 certificate fingerprint stored in this entry does not point to 2020 a valid locally held certificate or if it points to an 2021 unusable certificate (such as might happen when the 2022 certificate's expiration date has been reached)." 2023 INDEX { IMPLIED snmpTargetParamsName } 2024 ::= { snmpTlstmParamsTable 1 } 2026 SnmpTlstmParamsEntry ::= SEQUENCE { 2027 snmpTlstmParamsClientFingerprint SnmpTLSFingerprint, 2028 snmpTlstmParamsStorageType StorageType, 2029 snmpTlstmParamsRowStatus RowStatus 2030 } 2032 snmpTlstmParamsClientFingerprint OBJECT-TYPE 2033 SYNTAX SnmpTLSFingerprint 2034 MAX-ACCESS read-create 2035 STATUS current 2036 DESCRIPTION 2037 "This object stores the hash of the public portion of a 2038 locally held X.509 certificate. The X.509 certificate, its 2039 public key, and the corresponding private key will be used 2040 when initiating a (D)TLS connection as a (D)TLS client." 2041 ::= { snmpTlstmParamsEntry 1 } 2043 snmpTlstmParamsStorageType OBJECT-TYPE 2044 SYNTAX StorageType 2045 MAX-ACCESS read-create 2046 STATUS current 2047 DESCRIPTION 2048 "The storage type for this conceptual row. Conceptual rows 2049 having the value 'permanent' need not allow write-access to 2050 any columnar objects in the row." 2051 DEFVAL { nonVolatile } 2052 ::= { snmpTlstmParamsEntry 2 } 2054 snmpTlstmParamsRowStatus OBJECT-TYPE 2055 SYNTAX RowStatus 2056 MAX-ACCESS read-create 2057 STATUS current 2058 DESCRIPTION 2059 "The status of this conceptual row. This object may be used 2060 to create or remove rows from this table. 2062 To create a row in this table, an administrator must set this 2063 object to either createAndGo(4) or createAndWait(5). 2065 Until instances of all corresponding columns are appropriately 2066 configured, the value of the corresponding instance of the 2067 snmpTlstmParamsRowStatus column is notReady(3). 2069 In particular, a newly created row cannot be made active until 2070 the corresponding snmpTlstmParamsClientFingerprint column has 2071 been set. 2073 The snmpTlstmParamsClientFingerprint object may not be modified 2074 while the value of this object is active(1). 2076 An attempt to set these objects while the value of 2077 snmpTlstmParamsRowStatus is active(1) will result in 2078 an inconsistentValue error." 2079 ::= { snmpTlstmParamsEntry 3 } 2081 snmpTlstmAddrCount OBJECT-TYPE 2082 SYNTAX Gauge32 2083 MAX-ACCESS read-only 2084 STATUS current 2085 DESCRIPTION 2086 "A count of the number of entries in the snmpTlstmAddrTable" 2087 ::= { snmpTlstmCertificateMapping 7 } 2089 snmpTlstmAddrTableLastChanged OBJECT-TYPE 2090 SYNTAX TimeStamp 2091 MAX-ACCESS read-only 2092 STATUS current 2093 DESCRIPTION 2094 "The value of sysUpTime.0 when the snmpTlstmAddrTable 2095 was last modified through any means, or 0 if it has not been 2096 modified since the command responder was started." 2097 ::= { snmpTlstmCertificateMapping 8 } 2099 snmpTlstmAddrTable OBJECT-TYPE 2100 SYNTAX SEQUENCE OF SnmpTlstmAddrEntry 2101 MAX-ACCESS not-accessible 2102 STATUS current 2103 DESCRIPTION 2104 "This table is used by a (D)TLS client when a (D)TLS 2105 connection is being set up using an entry in the 2106 SNMP-TARGET-MIB. It extends the SNMP-TARGET-MIB's 2107 snmpTargetAddrTable so that the client can verify that the 2108 correct server has been reached. This verification can use 2109 either a certificate fingerprint, or an identity 2110 authenticated via certification path validation. 2112 If there is an active row in this table corresponding to the 2113 entry in the SNMP-TARGET-MIB that was used to establish the 2114 connection, and the row's snmpTlstmAddrServerFingerprint 2115 column has non-empty value, then the server's presented 2116 certificate is compared with the 2117 snmpTlstmAddrServerFingerprint value (and the 2118 snmpTlstmAddrServerIdentity column is ignored). If the 2119 fingerprint matches, the verification has succeeded. If the 2120 fingerprint does not match then the connection MUST be 2121 closed. 2123 If the server's presented certificate has passed 2124 certification path validation [RFC5280] to a configured 2125 trust anchor, and an active row exists with a zero-length 2126 snmpTlstmAddrServerFingerprint value, then the 2127 snmpTlstmAddrServerIdentity column contains the expected 2128 host name. This expected host name is then compared against 2129 the server's certificate as follows: 2131 - Implementations MUST support matching the expected host 2132 name against a dNSName in the subjectAltName extension 2133 field and SHOULD support checking the name against the 2134 common name portion of the subject distinguished name. 2136 - The '*' (ASCII 0x2a) wildcard character is allowed in the 2137 dNSName of the subjectAltName extension (and in common 2138 name, if used to store the host name), but only as the 2139 left-most (least significant) DNS label in that value. 2140 This wildcard matches any left-most DNS label in the 2141 server name. That is, the subject *.example.com matches 2142 the server names a.example.com and b.example.com, but does 2143 not match example.com or a.b.example.com. Implementations 2144 MUST support wildcards in certificates as specified above, 2145 but MAY provide a configuration option to disable them. 2147 - If the locally configured name is an internationalized 2148 domain name, conforming implementations MUST convert it to 2149 the ASCII Compatible Encoding (ACE) format for performing 2150 comparisons, as specified in Section 7 of [RFC5280]. 2152 If the expected host name fails these conditions then the 2153 connection MUST be closed. 2155 If there is no row in this table corresponding to the entry 2156 in the SNMP-TARGET-MIB and the server can be authorized by 2157 another, implementation dependent means, then the connection 2158 MAY still proceed." 2160 ::= { snmpTlstmCertificateMapping 9 } 2162 snmpTlstmAddrEntry OBJECT-TYPE 2163 SYNTAX SnmpTlstmAddrEntry 2164 MAX-ACCESS not-accessible 2165 STATUS current 2166 DESCRIPTION 2167 "A conceptual row containing a copy of a certificate's 2168 fingerprint for a given snmpTargetAddrEntry. The values in 2169 this row should be ignored if the connection that needs to be 2170 established, as indicated by the SNMP-TARGET-MIB 2171 infrastructure, is not a (D)TLS based connection. If an 2172 snmpTlstmAddrEntry exists for a given snmpTargetAddrEntry then 2173 the presented server certificate MUST match or the connection 2174 MUST NOT be established. If a row in this table does not 2175 exist to match a snmpTargetAddrEntry row then the connection 2176 SHOULD still proceed if some other certificate validation path 2177 algorithm (e.g. RFC5280) can be used." 2178 INDEX { IMPLIED snmpTargetAddrName } 2179 ::= { snmpTlstmAddrTable 1 } 2181 SnmpTlstmAddrEntry ::= SEQUENCE { 2182 snmpTlstmAddrServerFingerprint SnmpTLSFingerprint, 2183 snmpTlstmAddrServerIdentity SnmpAdminString, 2184 snmpTlstmAddrStorageType StorageType, 2185 snmpTlstmAddrRowStatus RowStatus 2186 } 2188 snmpTlstmAddrServerFingerprint OBJECT-TYPE 2189 SYNTAX SnmpTLSFingerprint 2190 MAX-ACCESS read-create 2191 STATUS current 2192 DESCRIPTION 2193 "A cryptographic hash of a public X.509 certificate. This 2194 object should store the hash of the public X.509 certificate 2195 that the remote server should present during the (D)TLS 2196 connection setup. The fingerprint of the presented 2197 certificate and this hash value MUST match exactly or the 2198 connection MUST NOT be established." 2199 DEFVAL { "" } 2200 ::= { snmpTlstmAddrEntry 1 } 2202 snmpTlstmAddrServerIdentity OBJECT-TYPE 2203 SYNTAX SnmpAdminString 2204 MAX-ACCESS read-create 2205 STATUS current 2206 DESCRIPTION 2207 "The reference identity to check against the identity 2208 presented by the remote system." 2209 DEFVAL { "" } 2210 ::= { snmpTlstmAddrEntry 2 } 2212 snmpTlstmAddrStorageType OBJECT-TYPE 2213 SYNTAX StorageType 2214 MAX-ACCESS read-create 2215 STATUS current 2216 DESCRIPTION 2217 "The storage type for this conceptual row. Conceptual rows 2218 having the value 'permanent' need not allow write-access to 2219 any columnar objects in the row." 2220 DEFVAL { nonVolatile } 2221 ::= { snmpTlstmAddrEntry 3 } 2223 snmpTlstmAddrRowStatus OBJECT-TYPE 2224 SYNTAX RowStatus 2225 MAX-ACCESS read-create 2226 STATUS current 2227 DESCRIPTION 2228 "The status of this conceptual row. This object may be used 2229 to create or remove rows from this table. 2231 To create a row in this table, an administrator must set this 2232 object to either createAndGo(4) or createAndWait(5). 2234 Until instances of all corresponding columns are 2235 appropriately configured, the value of the 2236 corresponding instance of the snmpTlstmAddrRowStatus 2237 column is notReady(3). 2239 In particular, a newly created row cannot be made active until 2240 the corresponding snmpTlstmAddrServerFingerprint column has been 2241 set. 2243 Rows MUST NOT be active if the snmpTlstmAddrServerFingerprint 2244 column is blank and the snmpTlstmAddrServerIdentity is set to 2245 '*' since this would insecurely accept any presented 2246 certificate. 2248 The snmpTlstmAddrServerFingerprint object may not be modified 2249 while the value of this object is active(1). 2251 An attempt to set these objects while the value of 2252 snmpTlstmAddrRowStatus is active(1) will result in 2253 an inconsistentValue error." 2254 ::= { snmpTlstmAddrEntry 4 } 2256 -- ************************************************ 2257 -- snmpTlstmNotifications - Notifications Information 2258 -- ************************************************ 2260 snmpTlstmServerCertificateUnknown NOTIFICATION-TYPE 2261 OBJECTS { snmpTlstmSessionUnknownServerCertificate } 2262 STATUS current 2263 DESCRIPTION 2264 "Notification that the server certificate presented by a SNMP 2265 over (D)TLS server was invalid because no configured 2266 fingerprint or CA was acceptable to validate it. This may be 2267 because there was no entry in the snmpTlstmAddrTable or 2268 because no path could be found to known certificate 2269 authority. 2271 To avoid notification loops, this notification MUST NOT be 2272 sent to servers that themselves have triggered the 2273 notification." 2274 ::= { snmpTlstmNotifications 1 } 2276 snmpTlstmServerInvalidCertificate NOTIFICATION-TYPE 2277 OBJECTS { snmpTlstmAddrServerFingerprint, 2278 snmpTlstmSessionInvalidServerCertificates} 2279 STATUS current 2280 DESCRIPTION 2281 "Notification that the server certificate presented by an SNMP 2282 over (D)TLS server could not be validated even if the 2283 fingerprint or expected validation path was known. I.E., a 2284 cryptographic validation error occurred during certificate 2285 validation processing. 2287 To avoid notification loops, this notification MUST NOT be 2288 sent to servers that themselves have triggered the 2289 notification." 2290 ::= { snmpTlstmNotifications 2 } 2292 -- ************************************************ 2293 -- snmpTlstmCompliances - Conformance Information 2294 -- ************************************************ 2296 snmpTlstmCompliances OBJECT IDENTIFIER ::= { snmpTlstmConformance 1 } 2298 snmpTlstmGroups OBJECT IDENTIFIER ::= { snmpTlstmConformance 2 } 2300 -- ************************************************ 2301 -- Compliance statements 2302 -- ************************************************ 2304 snmpTlstmCompliance MODULE-COMPLIANCE 2305 STATUS current 2306 DESCRIPTION 2307 "The compliance statement for SNMP engines that support the 2308 SNMP-TLS-TM-MIB" 2309 MODULE 2310 MANDATORY-GROUPS { snmpTlstmStatsGroup, 2311 snmpTlstmIncomingGroup, 2312 snmpTlstmOutgoingGroup, 2313 snmpTlstmNotificationGroup } 2314 ::= { snmpTlstmCompliances 1 } 2316 -- ************************************************ 2317 -- Units of conformance 2318 -- ************************************************ 2319 snmpTlstmStatsGroup OBJECT-GROUP 2320 OBJECTS { 2321 snmpTlstmSessionOpens, 2322 snmpTlstmSessionClientCloses, 2323 snmpTlstmSessionOpenErrors, 2324 snmpTlstmSessionAccepts, 2325 snmpTlstmSessionServerCloses, 2326 snmpTlstmSessionNoSessions, 2327 snmpTlstmSessionInvalidClientCertificates, 2328 snmpTlstmSessionUnknownServerCertificate, 2329 snmpTlstmSessionInvalidServerCertificates, 2330 snmpTlstmSessionInvalidCaches 2331 } 2332 STATUS current 2333 DESCRIPTION 2334 "A collection of objects for maintaining 2335 statistical information of an SNMP engine which 2336 implements the SNMP TLS Transport Model." 2337 ::= { snmpTlstmGroups 1 } 2339 snmpTlstmIncomingGroup OBJECT-GROUP 2340 OBJECTS { 2341 snmpTlstmCertToTSNCount, 2342 snmpTlstmCertToTSNTableLastChanged, 2343 snmpTlstmCertToTSNFingerprint, 2344 snmpTlstmCertToTSNMapType, 2345 snmpTlstmCertToTSNData, 2346 snmpTlstmCertToTSNStorageType, 2347 snmpTlstmCertToTSNRowStatus 2348 } 2349 STATUS current 2350 DESCRIPTION 2351 "A collection of objects for maintaining 2352 incoming connection certificate mappings to 2353 tmSecurityNames of an SNMP engine which implements the 2354 SNMP TLS Transport Model." 2355 ::= { snmpTlstmGroups 2 } 2357 snmpTlstmOutgoingGroup OBJECT-GROUP 2358 OBJECTS { 2359 snmpTlstmParamsCount, 2360 snmpTlstmParamsTableLastChanged, 2361 snmpTlstmParamsClientFingerprint, 2362 snmpTlstmParamsStorageType, 2363 snmpTlstmParamsRowStatus, 2364 snmpTlstmAddrCount, 2365 snmpTlstmAddrTableLastChanged, 2366 snmpTlstmAddrServerFingerprint, 2367 snmpTlstmAddrServerIdentity, 2368 snmpTlstmAddrStorageType, 2369 snmpTlstmAddrRowStatus 2371 } 2372 STATUS current 2373 DESCRIPTION 2374 "A collection of objects for maintaining 2375 outgoing connection certificates to use when opening 2376 connections as a result of SNMP-TARGET-MIB settings." 2377 ::= { snmpTlstmGroups 3 } 2379 snmpTlstmNotificationGroup NOTIFICATION-GROUP 2380 NOTIFICATIONS { 2381 snmpTlstmServerCertificateUnknown, 2382 snmpTlstmServerInvalidCertificate 2383 } 2384 STATUS current 2385 DESCRIPTION 2386 "Notifications" 2387 ::= { snmpTlstmGroups 4 } 2389 END 2391 8. Operational Considerations 2393 This section discusses various operational aspects of deploying 2394 TLSTM. 2396 8.1. Sessions 2398 A session is discussed throughout this document as meaning a security 2399 association between two TLSTM instances. State information for the 2400 sessions are maintained in each TLSTM implementation and this 2401 information is created and destroyed as sessions are opened and 2402 closed. A "broken" session (one side up and one side down) can 2403 result if one side of a session is brought down abruptly (i.e., 2404 reboot, power outage, etc.). Whenever possible, implementations 2405 SHOULD provide graceful session termination through the use of TLS 2406 disconnect messages. Implementations SHOULD also have a system in 2407 place for detecting "broken" sessions through the use of heartbeats 2408 [I-D.seggelmann-tls-dtls-heartbeat] or other detection mechanisms. 2410 Implementations SHOULD limit the lifetime of established sessions 2411 depending on the algorithms used for generation of the master session 2412 secret, the privacy and integrity algorithms used to protect 2413 messages, the environment of the session, the amount of data 2414 transferred, and the sensitivity of the data. 2416 8.2. Notification Receiver Credential Selection 2418 When an SNMP engine needs to establish an outgoing session for 2419 notifications, the snmpTargetParamsTable includes an entry for the 2420 snmpTargetParamsSecurityName of the target. Servers that wish to 2421 support multiple principals at a particular port SHOULD make use of 2422 the Server Name Indication extension defined in Section 3.1 of 2423 [RFC4366]. Without the Server Name Indication the receiving SNMP 2424 engine (Server) will not know which (D)TLS certificate to offer to 2425 the Client so that the tmSecurityName identity-authentication will be 2426 successful. 2428 Another solution is to maintain a one-to-one mapping between 2429 certificates and incoming ports for notification receivers. This can 2430 be handled at the notification originator by configuring the 2431 snmpTargetAddrTable (snmpTargetAddrTDomain and 2432 snmpTargetAddrTAddress) and requiring the receiving SNMP engine to 2433 monitor multiple incoming static ports based on which principals are 2434 capable of receiving notifications. 2436 Implementations MAY also choose to designate a single Notification 2437 Receiver Principal to receive all incoming notifications or select an 2438 implementation specific method of selecting a server certificate to 2439 present to clients. 2441 8.3. contextEngineID Discovery 2443 SNMPv3 requires that an application know the identifier 2444 (snmpEngineID) of the remote SNMP protocol engine in order to 2445 retrieve or manipulate objects maintained on the remote SNMP entity. 2447 [RFC5343] introduces a well-known localEngineID and a discovery 2448 mechanism that can be used to learn the snmpEngineID of a remote SNMP 2449 protocol engine. Implementations are RECOMMENDED to support and use 2450 the contextEngineID discovery mechanism defined in [RFC5343]. 2452 8.4. Transport Considerations 2454 This document defines how SNMP messages can be transmitted over the 2455 TLS and DTLS based protocols. Each of these protocols are 2456 additionally based on other transports (TCP and UDP). These two base 2457 protocols also have operational considerations that must be taken 2458 into consideration when selecting a (D)TLS based protocol to use such 2459 as its performance in degraded or limited networks. It is beyond the 2460 scope of this document to summarize the characteristics of these 2461 transport mechanisms. Please refer to the base protocol documents 2462 for details on messaging considerations with respect to MTU size, 2463 fragmentation, performance in lossy-networks, etc. 2465 8.5. IPv6 and securityName mapping when used with TSM and VACM 2467 It is possible to create a condition where it is impossible to map a 2468 subjectAltName to a securityName when all of the following conditions 2469 are true: 2471 o The snmpTlstmCertToTSNMapType object of a snmpTlstmCertToTSNEntry 2472 is set to the snmpTlstmCertSANIpAddress identity value. 2474 o The X.509 certificate presented by the client contains a 2475 subjectAltName with an IPv6 address in it. 2477 o The security model in use is the Transport Security Model. 2479 o The snmpTsmConfigurationUsePrefix object in the SNMP-TSM-MIB is 2480 set to 'true'. 2482 o The View-based Access Control Model is being used to authorize 2483 requests. 2485 If all of these conditions are true then the length of the generated 2486 tmSecurityName will always be 32 octet characters and the 2487 securityName generated by the TSM will be at least 36, which is 2488 longer than the length allowed by the VACM. 2490 Thus, the use of IPv6 subjectAltName to tmSecurityName mapping is NOT 2491 RECOMMENDED when snmpTsmConfigurationUsePrefix is set to true. 2493 9. Security Considerations 2495 This document describes a transport model that permits SNMP to 2496 utilize (D)TLS security services. The security threats and how the 2497 (D)TLS transport model mitigates these threats are covered in detail 2498 throughout this document. Security considerations for DTLS are 2499 covered in [RFC4347] and security considerations for TLS are 2500 described in Section 11 and Appendices D, E, and F of TLS 1.2 2501 [RFC5246]. When run over a connectionless transport such as UDP, 2502 DTLS is more vulnerable to denial of service attacks from spoofed IP 2503 addresses; see Section 4.2 for details how the cookie exchange is 2504 used to address this issue. 2506 9.1. Certificates, Authentication, and Authorization 2508 Implementations are responsible for providing a security certificate 2509 installation and configuration mechanism. Implementations SHOULD 2510 support certificate revocation lists. 2512 (D)TLS provides for authentication of the identity of both the (D)TLS 2513 server and the (D)TLS client. Access to MIB objects for the 2514 authenticated principal MUST be enforced by an access control 2515 subsystem (e.g. the VACM). 2517 Authentication of the command generator principal's identity is 2518 important for use with the SNMP access control subsystem to ensure 2519 that only authorized principals have access to potentially sensitive 2520 data. The authenticated identity of the command generator 2521 principal's certificate is mapped to an SNMP model-independent 2522 securityName for use with SNMP access control. 2524 The (D)TLS handshake only provides assurance that the certificate of 2525 the authenticated identity has been signed by an configured accepted 2526 certification authority. (D)TLS has no way to further authorize or 2527 reject access based on the authenticated identity. An Access Control 2528 Model (such as the VACM) provides access control and authorization of 2529 a command generator's requests to a command responder and a 2530 notification receiver's authorization to receive Notifications from a 2531 notification originator. However to avoid man-in-the-middle attacks 2532 both ends of the (D)TLS based connection MUST check the certificate 2533 presented by the other side against what was expected. For example, 2534 command generators must check that the command responder presented 2535 and authenticated itself with a X.509 certificate that was expected. 2536 Not doing so would allow an impostor, at a minimum, to present false 2537 data, receive sensitive information and/or provide a false belief 2538 that configuration was actually received and acted upon. 2539 Authenticating and verifying the identity of the (D)TLS server and 2540 the (D)TLS client for all operations ensures the authenticity of the 2541 SNMP engine that provides MIB data. 2543 The instructions found in the DESCRIPTION clause of the 2544 snmpTlstmCertToTSNTable object must be followed exactly. It is also 2545 important that the rows of the table be searched in prioritized order 2546 starting with the row containing the lowest numbered 2547 snmpTlstmCertToTSNID value. 2549 9.2. Use with SNMPv1/SNMPv2c Messages 2551 The SNMPv1 and SNMPv2c message processing described in [RFC3584] (BCP 2552 74) always selects the SNMPv1 or SNMPv2c Security Models, 2553 respectively. Both of these and the User-based Security Model 2554 typically used with SNMPv3 derive the securityName and securityLevel 2555 from the SNMP message received, even when the message was received 2556 over a secure transport. Access control decisions are therefore made 2557 based on the contents of the SNMP message, rather than using the 2558 authenticated identity and securityLevel provided by the TLS 2559 Transport Model. It is RECOMMENDED that only SNMPv3 messages using 2560 the Transport Security Model (TSM) or another secure-transport aware 2561 security model be sent over the TLSTM transport. 2563 Using a non-transport-aware Security Model with a secure Transport 2564 Model is NOT RECOMMENDED. See [RFC5590] Section 7.1 for additional 2565 details on the coexistence of security-aware transports and non- 2566 transport-aware security models. 2568 9.3. MIB Module Security 2570 There are a number of management objects defined in this MIB module 2571 with a MAX-ACCESS clause of read-write and/or read-create. Such 2572 objects may be considered sensitive or vulnerable in some network 2573 environments. The support for SET operations in a non-secure 2574 environment without proper protection can have a negative effect on 2575 network operations. These are the tables and objects and their 2576 sensitivity/vulnerability: 2578 o The snmpTlstmParamsTable can be used to change the outgoing X.509 2579 certificate used to establish a (D)TLS connection. Modification 2580 to objects in this table need to be adequately authenticated since 2581 modification to values in this table will have profound impacts to 2582 the security of outbound connections from the device. Since 2583 knowledge of authorization rules and certificate usage mechanisms 2584 may be considered sensitive, protection from disclosure of the 2585 SNMP traffic via encryption is also highly recommended. 2587 o The snmpTlstmAddrTable can be used to change the expectations of 2588 the certificates presented by a remote (D)TLS server. 2589 Modification to objects in this table need to be adequately 2590 authenticated since modification to values in this table will have 2591 profound impacts to the security of outbound connections from the 2592 device. Since knowledge of authorization rules and certificate 2593 usage mechanisms may be considered sensitive, protection from 2594 disclosure of the SNMP traffic via encryption is also highly 2595 recommended. 2597 o The snmpTlstmCertToTSNTable is used to specify the mapping of 2598 incoming X.509 certificates to tmSecurityNames which eventually 2599 get mapped to a SNMPv3 securityName. Modification to objects in 2600 this table need to be adequately authenticated since modification 2601 to values in this table will have profound impacts to the security 2602 of incoming connections to the device. Since knowledge of 2603 authorization rules and certificate usage mechanisms may be 2604 considered sensitive, protection from disclosure of the SNMP 2605 traffic via encryption is also highly recommended. When this 2606 table contains a significant number of rows it may affect the 2607 system performance when accepting new (D)TLS connections. 2609 Some of the readable objects in this MIB module (i.e., objects with a 2610 MAX-ACCESS other than not-accessible) may be considered sensitive or 2611 vulnerable in some network environments. It is thus important to 2612 control even GET and/or NOTIFY access to these objects and possibly 2613 to even encrypt the values of these objects when sending them over 2614 the network via SNMP. These are the tables and objects and their 2615 sensitivity/vulnerability: 2617 o This MIB contains a collection of counters that monitor the (D)TLS 2618 connections being established with a device. Since knowledge of 2619 connection and certificate usage mechanisms may be considered 2620 sensitive, protection from disclosure of the SNMP traffic via 2621 encryption is also highly recommended. 2623 SNMP versions prior to SNMPv3 did not include adequate security. 2624 Even if the network itself is secure (for example by using IPsec), 2625 even then, there is no control as to who on the secure network is 2626 allowed to access and GET/SET (read/change/create/delete) the objects 2627 in this MIB module. 2629 It is RECOMMENDED that implementers consider the security features as 2630 provided by the SNMPv3 framework (see [RFC3410], section 8), 2631 including full support for the SNMPv3 cryptographic mechanisms (for 2632 authentication and privacy). 2634 Further, deployment of SNMP versions prior to SNMPv3 is NOT 2635 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 2636 enable cryptographic security. It is then a customer/operator 2637 responsibility to ensure that the SNMP entity giving access to an 2638 instance of this MIB module is properly configured to give access to 2639 the objects only to those principals (users) that have legitimate 2640 rights to indeed GET or SET (change/create/delete) them. 2642 10. IANA Considerations 2644 IANA is requested to assign: 2646 1. Two TCP/UDP port numbers from the "Registered Ports" range of the 2647 Port Numbers registry, with the following keywords (where TBD1 2648 and TBD2 correspond to the assigned port numbers): 2650 Keyword Decimal Description References 2651 ------- ------- ----------- ---------- 2652 snmptls TBD1/tcp SNMP-TLS [RFC-isms-dtls-tm] 2653 snmpdtls TBD1/udp SNMP-DTLS [RFC-isms-dtls-tm] 2654 snmptls-trap TBD2/tcp SNMP-Trap-TLS [RFC-isms-dtls-tm] 2655 snmpdtls-trap TBD2/udp SNMP-Trap-DTLS [RFC-isms-dtls-tm] 2656 These are the default ports for receipt of SNMP command messages 2657 (snmptls and snmpdtls) and SNMP notification messages (snmptls- 2658 trap and snmpdtls-trap) over a TLS Transport Model as defined in 2659 this document. 2661 2. An SMI number under snmpDomains for the snmpTLSTCPDomain object 2662 identifier, 2664 3. An SMI number under snmpDomains for the snmpDTLSUDPDomain object 2665 identifier, 2667 4. A SMI number under mib-2, for the MIB module in this document, 2669 5. "tls" as the corresponding prefix for the snmpTLSTCPDomain in the 2670 SNMP Transport Model registry, 2672 6. "dtls" as the corresponding prefix for the snmpDTLSUDPDomain in 2673 the SNMP Transport Model registry, 2675 RFC Editor's note: this section should be replaced with appropriate 2676 descriptive assignment text after IANA assignments are made and prior 2677 to publication. 2679 11. Acknowledgements 2681 This document closely follows and copies the Secure Shell Transport 2682 Model for SNMP documented by David Harrington and Joseph Salowey in 2683 [RFC5592]. 2685 This document was reviewed by the following people who helped provide 2686 useful comments (in alphabetical order): Andy Donati, Pasi Eronen, 2687 David Harrington, Jeffrey Hutzelman, Alan Luchuk, Michael Peck, Tom 2688 Petch, Randy Presuhn, Ray Purvis, Peter Saint-Andre, Joseph Salowey, 2689 Jurgen Schonwalder, Dave Shield, Robert Story. 2691 This work was supported in part by the United States Department of 2692 Defense. Large portions of this document are based on work by 2693 General Dynamics C4 Systems and the following individuals: Brian 2694 Baril, Kim Bryant, Dana Deluca, Dan Hanson, Tim Huemiller, John 2695 Holzhauer, Colin Hoogeboom, Dave Kornbau, Chris Knaian, Dan Knaul, 2696 Charles Limoges, Steve Moccaldi, Gerardo Orlando, and Brandon Yip. 2698 12. References 2699 12.1. Normative References 2701 [RFC1033] Lottor, M., "Domain administrators operations guide", 2702 RFC 1033, November 1987. 2704 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 2705 Requirement Levels", BCP 14, RFC 2119, March 1997. 2707 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 2708 Schoenwaelder, Ed., "Structure of Management Information 2709 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 2711 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 2712 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 2713 STD 58, RFC 2579, April 1999. 2715 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 2716 "Conformance Statements for SMIv2", STD 58, RFC 2580, 2717 April 1999. 2719 [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An 2720 Architecture for Describing Simple Network Management 2721 Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, 2722 December 2002. 2724 [RFC3413] Levi, D., Meyer, P., and B. Stewart, "Simple Network 2725 Management Protocol (SNMP) Applications", STD 62, 2726 RFC 3413, December 2002. 2728 [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model 2729 (USM) for version 3 of the Simple Network Management 2730 Protocol (SNMPv3)", STD 62, RFC 3414, December 2002. 2732 [RFC3415] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based 2733 Access Control Model (VACM) for the Simple Network 2734 Management Protocol (SNMP)", STD 62, RFC 3415, 2735 December 2002. 2737 [RFC3418] Presuhn, R., "Management Information Base (MIB) for the 2738 Simple Network Management Protocol (SNMP)", STD 62, 2739 RFC 3418, December 2002. 2741 [RFC3490] Faltstrom, P., Hoffman, P., and A. Costello, 2742 "Internationalizing Domain Names in Applications (IDNA)", 2743 RFC 3490, March 2003. 2745 [RFC3584] Frye, R., Levi, D., Routhier, S., and B. Wijnen, 2746 "Coexistence between Version 1, Version 2, and Version 3 2747 of the Internet-standard Network Management Framework", 2748 BCP 74, RFC 3584, August 2003. 2750 [RFC4347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer 2751 Security", RFC 4347, April 2006. 2753 [RFC4366] Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., 2754 and T. Wright, "Transport Layer Security (TLS) 2755 Extensions", RFC 4366, April 2006. 2757 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 2758 (TLS) Protocol Version 1.2", RFC 5246, August 2008. 2760 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 2761 Housley, R., and W. Polk, "Internet X.509 Public Key 2762 Infrastructure Certificate and Certificate Revocation List 2763 (CRL) Profile", RFC 5280, May 2008. 2765 [RFC5590] Harrington, D. and J. Schoenwaelder, "Transport Subsystem 2766 for the Simple Network Management Protocol (SNMP)", 2767 RFC 5590, June 2009. 2769 [RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model 2770 for the Simple Network Management Protocol (SNMP)", 2771 RFC 5591, June 2009. 2773 [I-D.draft-ietf-6man-text-addr-representation] 2774 Kawamura, S. and M. Kawashima, "A Recommendation for IPv6 2775 Address Text Representation". 2777 12.2. Informative References 2779 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 2780 "Introduction and Applicability Statements for Internet- 2781 Standard Management Framework", RFC 3410, December 2002. 2783 [RFC5343] Schoenwaelder, J., "Simple Network Management Protocol 2784 (SNMP) Context EngineID Discovery", RFC 5343, 2785 September 2008. 2787 [RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure 2788 Shell Transport Model for the Simple Network Management 2789 Protocol (SNMP)", RFC 5592, June 2009. 2791 [I-D.seggelmann-tls-dtls-heartbeat] 2792 Seggelmann, R., Tuexen, M., and M. Williams, "Transport 2793 Layer Security and Datagram Transport Layer Security 2794 Heartbeat Extension". 2796 Appendix A. Target and Notification Configuration Example 2798 The following sections describe example configuration for the SNMP- 2799 TLS-TM-MIB, the SNMP-TARGET-MIB, the NOTIFICATION-MIB and the SNMP- 2800 VIEW-BASED-ACM-MIB. 2802 A.1. Configuring a Notification Originator 2804 The following row adds the "Joe Cool" user to the "administrators" 2805 group: 2807 vacmSecurityModel = 4 (TSM) 2808 vacmSecurityName = "Joe Cool" 2809 vacmGroupName = "administrators" 2810 vacmSecurityToGroupStorageType = 3 (nonVolatile) 2811 vacmSecurityToGroupStatus = 4 (createAndGo) 2813 The following row configures the snmpTlstmAddrTable to use 2814 certificate path validation and to require the remote notification 2815 receiver to present a certificate for the "server.example.org" 2816 identity. 2818 snmpTargetAddrName = "toNRAddr" 2819 snmpTlstmAddrServerFingerprint = "" 2820 snmpTlstmAddrServerIdentity = "server.example.org" 2821 snmpTlstmAddrStorageType = 3 (nonVolatile) 2822 snmpTlstmAddrRowStatus = 4 (createAndGo) 2824 The following row configures the snmpTargetAddrTable to send 2825 notifications using TLS/TCP to the snmptls-trap port at 192.0.2.1: 2827 snmpTargetAddrName = "toNRAddr" 2828 snmpTargetAddrTDomain = snmpTLSTCPDomain 2829 snmpTargetAddrTAddress = "192.0.2.1:XXXsnmptls-trap" 2830 snmpTargetAddrTimeout = 1500 2831 snmpTargetAddrRetryCount = 3 2832 snmpTargetAddrTagList = "toNRTag" 2833 snmpTargetAddrParams = "toNR" (MUST match above) 2834 snmpTargetAddrStorageType = 3 (nonVolatile) 2835 snmpTargetAddrColumnStatus = 4 (createAndGo) 2837 RFC Editor's note: replace the string "XXXsnmptls-trap" above with 2838 the appropriately assigned "snmptls-trap" port. 2840 The following row configures the snmpTargetParamsTable to send the 2841 notifications to "Joe Cool", using authPriv SNMPv3 notifications 2842 through the TransportSecurityModel [RFC5591]: 2844 snmpTargetParamsName = toNR 2845 snmpTargetParamsMPModel = SNMPv3 2846 snmpTargetParamsSecurityModel = 4 (TransportSecurityModel) 2847 snmpTargetParamsSecurityName = "Joe Cool" 2848 snmpTargetParamsSecurityLevel = 3 (authPriv) 2849 snmpTargetParamsStorageType = 3 (nonVolatile) 2850 snmpTargetParamsRowStatus = 4 (createAndGo0 2852 A.2. Configuring TLSTM to Utilize a Simple Derivation of tmSecurityName 2854 The following row configures the snmpTlstmCertToTSNTable to map a 2855 validated client certificate, referenced by the client's public X.509 2856 hash fingerprint, to a tmSecurityName using the subjecwAltName 2857 component of the certificate. 2859 snmpTlstmCertToTSNID = 1 2860 (chosen by ordering preference) 2861 snmpTlstmCertToTSNFingerprint = HASH (appropriate fingerprint) 2862 snmpTlstmCertToTSNMapType = snmpTlstmCertSANAny 2863 snmpTlstmCertToTSNData = "" (not used) 2864 snmpTlstmCertToTSNStorageType = 3 (nonVolatile) 2865 snmpTlstmCertToTSNRowStatus = 4 (createAndGo) 2867 This type of configuration should only be used when the naming 2868 conventions of the (possibly multiple) certificate authorities are 2869 well understood, so two different principals cannot inadvertently be 2870 identified by the same derived tmSecurityName.. 2872 A.3. Configuring TLSTM to Utilize Table-Driven Certificate Mapping 2874 The following row configures the snmpTlstmCertToTSNTable to map a 2875 validated client certificate, referenced by the client's public X.509 2876 hash fingerprint, to the directly specified tmSecurityName of "Joe 2877 Cool". 2879 snmpTlstmCertToTSNID = 1 2880 (chosen by ordering preference) 2881 snmpTlstmCertToTSNFingerprint = HASH (appropriate fingerprint) 2882 snmpTlstmCertToTSNMapType = snmpTlstmCertSpecified 2883 snmpTlstmCertToTSNSecurityName = "Joe Cool" 2884 snmpTlstmCertToTSNStorageType = 3 (nonVolatile) 2885 snmpTlstmCertToTSNRowStatus = 4 (createAndGo) 2887 Author's Address 2889 Wes Hardaker 2890 Sparta, Inc. 2891 P.O. Box 382 2892 Davis, CA 95617 2893 USA 2895 Phone: +1 530 792 1913 2896 Email: ietf@hardakers.net