PMP Mail Archive: PMP> FW: [Sbsm] External User Security Mod

PMP Mail Archive: PMP> FW: [Sbsm] External User Security Mod

PMP> FW: [Sbsm] External User Security Model (EUSM) for version 3 of the Simple Network Management Protocol (SNMPv3)

From: McDonald, Ira (imcdonald@sharplabs.com)
Date: Wed Jul 14 2004 - 13:49:10 EDT


Hi,

This I-D describes specific minor changes to SNMPv3 to
use existing external AAA servers (used in dialup and CLI
authentication today) for key distribution and management,
using standard protocols.

Worth reading.

Cheers,
- Ira McDonald
  High North Inc

-----Original Message-----
From: sbsm-bounces@machshav.com [mailto:sbsm-bounces@machshav.com]On Behalf
Of Kaushik Narayan
Sent: Wednesday, July 14, 2004 1:20 PM
To: sbsm@machshav.com
Cc: chris Elliott; jsalowey@cisco.com; kzm@cisco.com
Subject: [Sbsm] External User Security Model (EUSM) for version 3 of the
Simple Network Management Protocol (SNMPv3)

A New Internet-Draft is available from the on-line Internet-Drafts
directories.

        Title :
External User Security Model (EUSM) for version 3 of the
                         
Simple Network Management Protocol (SNMPv3)
        Author(s) :
K. Narayan, et al.
        Filename :
draft-kaushik-snmp-external-usm-00.txt
        Pages :
23
        Date :
2004-7-13
        
SNMPv3 provides a framework for user identity based authentication,
   privacy and granular access control. SNMPv3 aids secure
manageability
   and overcomes one of major drawbacks in previous versions of
the SNMP
   standard. There has been a significant lack of uptake for
deployment
   of SNMPv3, and a number of organizations are still using
   SNMPv1/SNMPv2c. This is because SNMPv3 does not integrate
well with
   administrative security schemes defined for existing
management
   interfaces like the device command line interfaces. We
believe this
   is because the SNMPv3 standard does not address the issue of
   management and distribution of the keying material for
SNMP.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-kaushik-snmp-external-usm-00.txt

To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request at ietf.org with the word unsubscribe in the body of
the message.
You can also visit
https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the
username
"anonymous" and a password of your e-mail address. After
logging in,
type "cd internet-drafts" and then
        "get
draft-kaushik-snmp-external-usm-00.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or
ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
        mailserv
at ietf.org.
In the body type:
        "FILE
/internet-drafts/draft-kaushik-snmp-external-usm-00.txt".
        
NOTE: The mail server at ietf.org can
return the document in
        MIME-encoded
form by using the "mpack" utility. To use this
        feature,
insert the command "ENCODING mime" before the
"FILE"
        command.
To decode the response(s), you will need "munpack" or
        a
MIME-compliant mail reader. Different MIME-compliant mail readers
        exhibit
different behavior, especially when dealing with
        "multipart"
MIME messages (i.e. documents which have been split
        up into
multiple messages), so check your local documentation on
        how to
manipulate these messages.
                
                
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.

<ftp://ftp.ietf.org/internet-drafts/draft-kaushik-snmp-external-usm-00.txt>





This archive was generated by hypermail 2b29 : Wed Jul 14 2004 - 13:49:35 EDT