Editor's Note: Minutes received 12/2/92

CURRENT MEETING REPORT

Reported by James Galvin/TIS

Minutes of the SNMP Security Working Group (SNMPSEC)

The meeting was called to order at 4:00 p.m. on November 17th. The Agenda was reviewed and accepted as presented. It was mentioned that the Charter was revised to reflect the need to align with SNMP version 2; there were no comments on the Charter as distributed to the mailing list. Finally, it was noted that the Security Area has been alerted to the aggressive schedule we have planned and has been requested to provide a security review of the soon-to-be-revised documents as soon as possible.

The following editorial changes were approved for all three documents:

- change all references to SNMP to SNMPv2.
- change all references to "Internet-standard Network Management Framework" to "SNMPv2 Framework".
- change all references to "rfc1351Domain" to "snmpUDPDomain".
- change the MIB to IMPORT from the SNMPv2 protocol operations document.
- clarify the viewTable description when viewMask contains bits set to 0.
- clarify in the MIB which default party identifiers execute at an agent and which execute at a management station.
- clarify that the "a.b.c.d" in the initial party identifiers is always the agent's IP address.
- clarify the text in the SMP introductory document that explains the relationship between initial parties 3 and 4 and initial parties 5 and 6.

The following technical clarifications were suggested and approved:

- add a field to the partyTable to indicate whether this party entry operates in the role of a management station or an agent.
- change the sequence of steps in the authentication protocol so that the party clocks are not advanced until after the access control check is done; otherwise it is possible for authentic parties to advance the clocks of parties to which they do not have access.
- change the initial party configurations such that the sending of traps is only required for the noAuth/noPriv parties.
- explicitly note that agents may send responses to queries without checking the ACL table.
- explicitly state that the initial parties are required to exist "out of the box".
- explicitly state that parties in an aclTable entry must use identical authentication protocols; this is implied by the requirement that privacy not be supported without authentication, but leaving it unstated allows a noAuth/noPriv party to send requests to a party supporting privacy, which cannot be properly encoded.

The following technical changes are required, or are enhancements resulting from the SNMPv2 proposals:

- make use of the authorizationError response.
- change the aclPrivileges object to support the new PDU types.
- update the access control parameters for the initial party identifiers.
- update the initial MIB views for the initial party identifiers.
- update the status objects to use the new textual conventions.
- drop the use of the ordered delivery mechanism; this includes omitting "nonce", "last-timestamp", and the steps in the authentication protocol that operate with them.

The following technical changes were discussed and approved:

- make the privacy protocol optional and note that it is only required for new party creation and in those configurations where information disclosure is prohibited; this allows implementations to claim conformance if they support at least authentication and integrity.
- to simplify agent implementations, they are not required to support instance-level access control.
- make the clock synchronization algorithm symmetric; this simplifies the clock synchronization requirements: the processing currently applied to the originating party's clock also applies to the receiver's clock, the receiver's (destination) clock is also included in the message, and a new AuthInformation data type accommodates these changes. The format of the new AuthInformation will carry the destination clock first and the source clock next, so as to be in the same order as the destination and source parties occur in the message.

There were three outstanding issues after the meetings closed for the week:

1. Compliance levels for the Party MIB with the new SNMPv2 compliance macros. It is necessary that compliance levels be specified for the Party MIB; a proposal to specify three such levels was made.

2. Party creation without DES. A new proposal was distributed, and presented at the meeting, detailing mechanisms by which parties could be "cloned" from other parties, both to allow party creation without DES and to allow systems with limited NVRAM to support temporary parties which would be re-created after each reboot.

3. Party proliferation. "Proliferation of parties" had been passed to this Working Group from the SNMPv2 Working Group as a problem to be solved. Two different presentations were made on this issue: one detailed mechanisms to reduce the amount of NVRAM required to support SNMP Security through a reduction in the number of parties and a recasting of the tables in the Party MIB; the other presentation, with the same aims, suggested that spatial and temporal semantics should be embodied in the Management Information model, which therefore argued against some of the MIB recasting of the first proposal.

These three issues were left unresolved due to a lack of time and due to their inter-dependence (e.g., the number and types of compliance levels depend on whether DES is required for party creation).
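The two clock-related decisions recorded above (advance party clocks only after the access control check, and treat the destination clock symmetrically with the source clock, destination first in the AuthInformation) are easiest to see in a small model of the receiving side. The following is an added example written for these minutes; it is not text or code from the Working Group's documents or from any SNMPv2 implementation. It assumes an HMAC-MD5 keyed digest over a constructed message layout, an ACL modelled as a set of allowed (source party, destination party) pairs, a single lifetime per party, and made-up party names, keys and clock values. Run with the rejected ordering, an authentic party that has no ACL entry for adminParty still pushes adminParty's clock to a far-future value, after which the legitimate admin party's requests fail the timeliness check; with the approved ordering the clock is untouched.

```python
"""Toy model of SNMPv2 party-based message processing.  Constructed example
for these minutes, not RFC text: the keyed digest (HMAC-MD5), field names and
ACL shape are assumptions chosen to make the ordering of the clock advance
relative to the access control check visible."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple


@dataclass
class Party:
    name: str
    auth_key: Optional[bytes]  # None models a noAuth party
    clock: int                 # receiver's local notion of this party's clock
    lifetime: int              # how far a timestamp may lag the clock


def serialize(msg: dict) -> bytes:
    """Bytes covered by the digest.  Destination clock first, source clock
    next, mirroring the AuthInformation order approved in the minutes."""
    return "|".join([msg["dst"], msg["src"], str(msg["dst_time"]),
                     str(msg["src_time"]), msg["pdu"]]).encode()


def make_message(src: str, dst: str, dst_time: int, src_time: int,
                 key: Optional[bytes], pdu: str) -> dict:
    msg = {"src": src, "dst": dst, "dst_time": dst_time,
           "src_time": src_time, "pdu": pdu, "digest": b""}
    if key is not None:
        msg["digest"] = hmac.new(key, serialize(msg), hashlib.md5).digest()
    return msg


class Receiver:
    """Agent-side processing with the clock advance placed either before the
    ACL check (the ordering the Working Group rejected) or after it."""

    def __init__(self, parties: Dict[str, Party], acl: Set[Tuple[str, str]]):
        self.parties = parties   # party name -> Party
        self.acl = acl           # allowed (source, destination) pairs

    def _authentic_and_timely(self, msg: dict, src: Party, dst: Party) -> bool:
        if src.auth_key is None:
            return True          # noAuth: no digest and no clocks to check
        expect = hmac.new(src.auth_key, serialize(msg), hashlib.md5).digest()
        if not hmac.compare_digest(expect, msg["digest"]):
            return False
        # symmetric check: both timestamps must be within lifetime of our clocks
        return (msg["src_time"] + src.lifetime >= src.clock and
                msg["dst_time"] + dst.lifetime >= dst.clock)

    def _advance_clocks(self, msg: dict, src: Party, dst: Party) -> None:
        if src.auth_key is None:
            return               # a noAuth message never moves a clock
        src.clock = max(src.clock, msg["src_time"])
        dst.clock = max(dst.clock, msg["dst_time"])

    def receive(self, msg: dict, advance_before_acl: bool) -> str:
        src, dst = self.parties[msg["src"]], self.parties[msg["dst"]]
        if not self._authentic_and_timely(msg, src, dst):
            return "authFailure"
        if advance_before_acl:               # rejected ordering
            self._advance_clocks(msg, src, dst)
        if (src.name, dst.name) not in self.acl:
            return "authorizationError"      # the new SNMPv2 response
        if not advance_before_acl:           # approved ordering
            self._advance_clocks(msg, src, dst)
        return "ok:" + msg["pdu"]


def run_scenario(advance_before_acl: bool) -> dict:
    """'mgr' is an authentic party allowed to talk to 'agentParty' but not to
    'adminParty'.  It sends an authentic request to adminParty carrying a
    far-future destination clock; then the legitimate 'admin' party sends a
    normal request to adminParty.  Keys and clock values are constructed."""
    k_mgr, k_admin = b"mgr-secret", b"admin-secret"
    parties = {n: Party(n, k, clock=1000, lifetime=300) for n, k in [
        ("mgr", k_mgr), ("agentParty", k_mgr),
        ("admin", k_admin), ("adminParty", k_admin)]}
    rx = Receiver(parties, acl={("mgr", "agentParty"), ("admin", "adminParty")})
    probe = make_message("mgr", "adminParty", dst_time=10**9, src_time=1000,
                         key=k_mgr, pdu="get sysDescr")
    probe_result = rx.receive(probe, advance_before_acl)
    legit = make_message("admin", "adminParty", dst_time=1001, src_time=1001,
                         key=k_admin, pdu="set ifAdminStatus")
    legit_result = rx.receive(legit, advance_before_acl)
    return {"probe": probe_result, "legit": legit_result,
            "adminParty_clock": parties["adminParty"].clock}


if __name__ == "__main__":
    print("clock advanced before ACL check:", run_scenario(True))
    print("clock advanced after ACL check: ", run_scenario(False))
```

The probe is rejected with authorizationError under both orderings; the difference is the side effect. With the advance before the ACL check, adminParty's clock is left at 10**9 and the admin party's own request then fails as stale, which is exactly the denial of service the reordering closes. The noAuth branch never touches a clock, matching the decision that clocks and timestamps belong only to authenticated parties.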
Attendees

Steve Alexander stevea@i88.isc.com
David Arneson arneson@ctron.com
Jim Barnes barnes@xylogics.com
Andy Bierman abierman@synoptics.com
Fred Bohle fab@interlink.com
Vickie Brown brown@osi540sn.gsfc.nasa.gov
J. Nevil Brownlee nevil@aukuni.ac.uz
Theodore Brunner tob@thumper.bellcore.com
Matthew Busche mtb@anchor.ho.att.com
Stephen Bush sfb@ncoast.org
Dilip Chatwani dilip@synoptics.com
Szusin Chen szusin.chen@eng.sun.com
Robert Ching rching@nat.com
Chris Chiotasso chris@andr.ub.com
Bobby Clay clay@eagle.msfc.nasa.gov
Tracy Cox tacox@sabre.bellcore.com
Juan Cruz juan@dss.com
Dave Cullerot cullerot@ctron.com
Cathy Cunningham cmc@microcom.com
James Davin davin@bellcore.com
Cynthia Della Torre cindy@gateway.mitre.org
Art Dertke dertke@gateway.mitre.org
Manuel Diaz diaz@davidsys.com
William Edison
David Engel david@ods.com
Raphael Freiwirth 5242391@mcimail.com
James Galvin galvin@tis.com
Richard Graveman rfg@ctt.bellcore.com
Maria Greene mngreene@eng.xyplex.com
Pete Grillo pl0143@mail.psi.net
Michel Guittet guittet1@applelink.apple.com
Ed Heiner eah@pau.synnet.com
Ken Hirata khirata@emulex.com
Gerd Holzhauer holzhauer1@applelink.apple.com
John Hopprich hopprich@davidsys.com
Kevin Jackson kmj@concord.com
Bob Jeckell rrj@3com.com
Mark Kepke mak@cnd.hp.com
John Kimmins kimm@ctt.bellcore.com
Keith Klamm klamm@ods.com
Andrew Knutsen andrewk@sco.com
Michael Kornegay mlk@bir.com
Deirdre Kostick dck2@sabre.bellcore.com
David Lin lind@janus-ccm.zenith.com
David Lindemulder dcl@mtung.att.com
John Linn linn@erlang.enet.dec.com
Benjamin Lisowski Ben.Lisowski@sprint.sprint.com
John Lunny jlunny@twg.com
Carl Madison carl@startek.com
Keith McCloghrie kzm@hls.com
Evan McGinnis bem@3com.com
Donna McMaster mcmaster@synoptics.com
Douglas Miller dmm@telebit.com
David Minnich dwm@fibercom.com
Mohammad Mirhakkak mmirhakk@mitre.org
George Mouradian gvm@arch3.att.com
Patrick Mullaney mullaney@ctron.com
Daniel Myers dan@nsd.3com.com
Rina Nathaniel rina!rnd!rndi@uunet.uu.net
Bill Norton wbn@merit.edu
Steven Onishi sonishi@wellfleet.com
David Perkins dperkins@synoptics.com
Ilan Raab iraab@synoptics.com
Richard Ramos ramos@mtunm.att.com
Venkat Rangan venkat@geoduck.matrix.com
Louise Reingold l.reingold@sprint.sprint.com
Sam Roberts sroberts@farallon.com
Kary Robertson kr@concord.com
Dan Romascanu dan@lannet.com
Avraham Rosenbach armon@armon.hellnet.org
Shawn Routhier sar@epilogue.com
Chris Rozman chrisr@usr.com
Assaf Rubissa asaf@fibhaifa.com
Jon Saperia saperia@tcpjon.ogo.dec.com
Michael Scanlon scanlon@interlan.com
Sam Schaen schaen@mitre.org
Jim Scott scott@kali.enet.dec.com
John Seligson johns@ultra.com
Timon Sloane timon@rahul.net
Robert Snyder snyder@cisco.com
Roy Spitzer roy.spitzer@sprint.com
Bob Stewart rlstewart@eng.xyplex.com
Kaj Tesink kaj@cc.bellcore.com
Dean Throop throop@dg-rtp.dg.com
Warren Vik wmv@i88.isc.com
Ioannis Viniotis candice@ececho.ncsu.edu
Steven Waldbusser waldbusser@andrew.cmu.edu
Alice Wang alice.wang@eng.sun.com
Gerry White gerry@lancity.com
Peter Wilson peter_wilson@3com.com
Steven Wong wong@took.enet.dec.com
Randall Worzella worzella@ralvm29.unet.ibm.com
Daniel Woycke woycke@smiley.mitre.org
Kiho Yum kxy@nsd.3com.com