IEEE8021-DEVID-MIB

File: IEEE8021-DEVID-MIB.mib (20074 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC SNMP-FRAMEWORK-MIB
SNMPv2-CONF ENTITY-MIB

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Unsigned32
Counter32 TruthValue TEXTUAL-CONVENTION
SnmpAdminString MODULE-COMPLIANCE OBJECT-GROUP
PhysicalIndex entPhysicalIndex

Defined Types

DevIDErrorStatus  
This textual convention is used to define the error state of a DevID operation. The value none(1) means no error, indicating a successful operation. The value internalError(2) is used to display a system error.
TEXTUAL-CONVENTION    
  INTEGER none(1), internalError(2)  

DevIDAlgorithmIdentifier  
This textual convention is used to define the algorithm type for the public key.
TEXTUAL-CONVENTION    
  INTEGER rsaEncryption(1), idecPublicKey(2)  

DevIDPublicKeyEntry  
SEQUENCE    
  devIDPublicKeyIndex Unsigned32
  devIDPublicKeyEnabled TruthValue
  devIDPublicKeyAlgorithm DevIDAlgorithmIdentifier
  devIDPublicKeyPubkeySHA1Hash SnmpAdminString
  devIDPublicKeyErrStatus DevIDErrorStatus

DevIDCredentialEntry  
SEQUENCE    
  devIDCredentialIndex Unsigned32
  devIDCredentialEnabled TruthValue
  devIDCredentialSHA1Hash SnmpAdminString
  devIDCredentialSerialNumber SnmpAdminString
  devIDCredentialIssuer SnmpAdminString
  devIDCredentialSubject SnmpAdminString
  devIDCredentialSubjectAltName SnmpAdminString
  devIDCredentialEntityIndex PhysicalIndex
  devIDCredentialPubkeyIndex Unsigned32
  devIDCredentialErrStatus DevIDErrorStatus

DevIDStatisticsEntry  
SEQUENCE    
  devIDStatisticKeyGenerationCount Counter32
  devIDStatisticKeyInsertionCount Counter32
  devIDStatisticKeyDeletionCount Counter32
  devIDStatisticCSRGenerationCount Counter32
  devIDStatisticCredentialInsertionCount Counter32
  devIDStatisticCredentialDeletionCount Counter32

Defined Values

ieee8021DevIDMIB 1.3.111.2.802.1.1.17
This is the management module of the Secure Device Identifier (DevID) for managing IEEE 802.1AR, as specified in the current IEEE 802.1AR draft document. A DevID is cryptographically bound to a device, and supports authentication of the device's identity. Locally significant identities can be securely associated with an initial manufacturer-provisioned DevID and used in provisioning and authentication protocols to allow a network administrator to establish the trustworthiness of a device and select appropriate policies for transmission and reception of data and control protocols to and from the device. A device indicates any entity in an IEEE 802 LAN that seeks to obtain services from the network. The use of a Secure Device Identifier (DevID) in a DevID module allows network entities to associate a DevID credential with devices that participate or wish to participate in authenticated access to one or more networks. A device with DevID capability incorporates a globally unique manufacturer-provided Initial Secure Device Identifier (IDevID), stored in a way that ensures it will remain unmodified in the absence of both unrestricted access to the device and extraordinary efforts by an attacker. The device may support the creation of Locally Significant Device Identifiers (LDevIDs) by a network administrator. Each LDevID is bound to the device in a way that makes it impossible for it to be forged or transferred to a device with a different IDevID without knowledge of the private key used to effect the cryptographic binding. An LDevID can incorporate, and fully protect, additional information specified by the network administrator to support local authorization conventions. LDevIDs may also be used to entirely replace IDevIDs in such a way as to assure the privacy of the user of an LDevID and the equipment in which it is installed.
Every device has exactly one IDevID and zero or more LDevIDs. The number of LDevIDs depends upon the capabilities of the DevID module and on the administrative policy of the network(s) in which the device is used.
MODULE-IDENTITY    

devIDMIBNotifications 1.3.111.2.802.1.1.17.0
OBJECT IDENTIFIER    

devIDMIBObjects 1.3.111.2.802.1.1.17.1
OBJECT IDENTIFIER    

devIDMIBConformance 1.3.111.2.802.1.1.17.2
OBJECT IDENTIFIER    

devIDGlobalMIBObjects 1.3.111.2.802.1.1.17.1.1
OBJECT IDENTIFIER    

devIDMgmtMIBObjects 1.3.111.2.802.1.1.17.1.2
OBJECT IDENTIFIER    

devIDStatsMIBObjects 1.3.111.2.802.1.1.17.1.3
OBJECT IDENTIFIER    

devIDPublicKeyCount 1.3.111.2.802.1.1.17.1.2.1
This gives the total number of DevID public keys installed in the DevID module.
OBJECT-TYPE    
  Unsigned32  

devIDPublicKeyTable 1.3.111.2.802.1.1.17.1.2.2
A table containing the public key, the key's keyIndex, and a value indicating if the key is enabled. This allows the administrator to determine the DevID keys installed in the DevID module. The maximum number of entries in this table is limited by the value of devIDPublicKeyCount.
OBJECT-TYPE    
  SEQUENCE OF  
    DevIDPublicKeyEntry

devIDPublicKeyEntry 1.3.111.2.802.1.1.17.1.2.2.1
An entry containing the DevID public key, the key's keyIndex, and a value indicating if the key is enabled.
OBJECT-TYPE    
  DevIDPublicKeyEntry  

devIDPublicKeyIndex 1.3.111.2.802.1.1.17.1.2.2.1.1
All keys are indexed internally with this object. The value of this object is within 0..devIDPublicKeyCount. This is the keyIndex and operations on keys will use the keyIndex to address a specific key. The IDevID key shall only be at index 0. Any error in retrieving a key will be displayed in the devIDPublicKeyErrStatus object.
OBJECT-TYPE    
  Unsigned32 0..4294967295  

devIDPublicKeyEnabled 1.3.111.2.802.1.1.17.1.2.2.1.2
The enable/disable state of this public key. This setting persists across restarts.
OBJECT-TYPE    
  TruthValue  

devIDPublicKeyAlgorithm 1.3.111.2.802.1.1.17.1.2.2.1.3
The DevID PublicKey Algorithm field shall indicate the public key algorithm identifier. This object identifies the public key algorithm as either rsaEncryption or idecPublicKey.
OBJECT-TYPE    
  DevIDAlgorithmIdentifier  

devIDPublicKeyPubkeySHA1Hash 1.3.111.2.802.1.1.17.1.2.2.1.4
The SHA1 Hash of this DevID public key.
OBJECT-TYPE    
  SnmpAdminString  

devIDPublicKeyErrStatus 1.3.111.2.802.1.1.17.1.2.2.1.5
This displays the status of an operation on the public key. The default value is none, which means no error, indicating a successful operation.
OBJECT-TYPE    
  DevIDErrorStatus  

devIDCredentialCount 1.3.111.2.802.1.1.17.1.2.3
This gives the total number of DevID credentials installed in the DevID module.
OBJECT-TYPE    
  Unsigned32  

devIDCredentialTable 1.3.111.2.802.1.1.17.1.2.4
A table of current DevID credentials, where for each certificate the following are indicated: SHA1 hash of the certificate, section 7 defined fields of cert serial number, issuer, subject, HardwareModuleName, and pubkey.
OBJECT-TYPE    
  SEQUENCE OF  
    DevIDCredentialEntry

devIDCredentialEntry 1.3.111.2.802.1.1.17.1.2.4.1
An entry containing DevID credential information.
OBJECT-TYPE    
  DevIDCredentialEntry  

devIDCredentialIndex 1.3.111.2.802.1.1.17.1.2.4.1.1
All credentials are indexed internally with this object. The value of this object is within [0..devIDCredentialCount]. This is the credentialIndex and operations on credentials will use the credentialIndex to address a specific credential. The IDevID credential shall only be at index 0. Additional operations on credentials use the credentialIndex to address a specific credential.
OBJECT-TYPE    
  Unsigned32 0..4294967295  

devIDCredentialEnabled 1.3.111.2.802.1.1.17.1.2.4.1.2
The enable/disable state of this credential. This setting persists across restarts.
OBJECT-TYPE    
  TruthValue  

devIDCredentialSHA1Hash 1.3.111.2.802.1.1.17.1.2.4.1.3
The SHA1 Hash of this DevID credential.
OBJECT-TYPE    
  SnmpAdminString  

devIDCredentialSerialNumber 1.3.111.2.802.1.1.17.1.2.4.1.4
The serial number of the credential.
OBJECT-TYPE    
  SnmpAdminString Size(0..20)  

devIDCredentialIssuer 1.3.111.2.802.1.1.17.1.2.4.1.5
The issuer field of the credential.
OBJECT-TYPE    
  SnmpAdminString  

devIDCredentialSubject 1.3.111.2.802.1.1.17.1.2.4.1.6
The subject field of the credential.
OBJECT-TYPE    
  SnmpAdminString  

devIDCredentialSubjectAltName 1.3.111.2.802.1.1.17.1.2.4.1.7
The subjectAltName field of the credential.
OBJECT-TYPE    
  SnmpAdminString  

devIDCredentialEntityIndex 1.3.111.2.802.1.1.17.1.2.4.1.8
This refers to the entPhysicalIndex in entPhysicalTable to identify the associated physical entity.
OBJECT-TYPE    
  PhysicalIndex  

devIDCredentialPubkeyIndex 1.3.111.2.802.1.1.17.1.2.4.1.9
Has the appropriate devIDPublicKeyIndex value from devIDPublicKeyTable to identify the public key information.
OBJECT-TYPE    
  Unsigned32  

devIDCredentialErrStatus 1.3.111.2.802.1.1.17.1.2.4.1.10
This displays the status of an operation on the credential. The default value is none, which means no error, indicating a successful operation.
OBJECT-TYPE    
  DevIDErrorStatus  

devIDStatisticsTable 1.3.111.2.802.1.1.17.1.2.5
A table containing statistics information.
OBJECT-TYPE    
  SEQUENCE OF  
    DevIDStatisticsEntry

devIDStatisticsEntry 1.3.111.2.802.1.1.17.1.2.5.1
An entry containing DevID statistics.
OBJECT-TYPE    
  DevIDStatisticsEntry  

devIDStatisticKeyGenerationCount 1.3.111.2.802.1.1.17.1.2.5.1.1
This gives the total number of additional LDevID key material generations within the DevID module. Discontinuities occur at system restart and counter rollover.
OBJECT-TYPE    
  Counter32  

devIDStatisticKeyInsertionCount 1.3.111.2.802.1.1.17.1.2.5.1.2
This gives the total number of additional LDevID key material generations followed by an insertion within the DevID module. Discontinuities occur at system restart and counter rollover.
OBJECT-TYPE    
  Counter32  

devIDStatisticKeyDeletionCount 1.3.111.2.802.1.1.17.1.2.5.1.3
This gives the total number of LDevID keypair deletions within the DevID module. Discontinuities occur at system restart and counter rollover.
OBJECT-TYPE    
  Counter32  

devIDStatisticCSRGenerationCount 1.3.111.2.802.1.1.17.1.2.5.1.4
This gives the total number of Certificate Signing Request (CSR) generations as defined in RFC 2986. Discontinuities occur at system restart and counter rollover.
OBJECT-TYPE    
  Counter32  

devIDStatisticCredentialInsertionCount 1.3.111.2.802.1.1.17.1.2.5.1.5
This gives the total number of LDevID credentials installed into the DevID module. Discontinuities occur at system restart and counter rollover.
OBJECT-TYPE    
  Counter32  

devIDStatisticCredentialDeletionCount 1.3.111.2.802.1.1.17.1.2.5.1.6
This gives the total number of LDevID credential deletions from the DevID module. Discontinuities occur at system restart and counter rollover.
OBJECT-TYPE    
  Counter32  

devIDMIBCompliances 1.3.111.2.802.1.1.17.2.1
OBJECT IDENTIFIER    

devIDMIBGroups 1.3.111.2.802.1.1.17.2.2
OBJECT IDENTIFIER    

devIDMIBModuleCompliance 1.3.111.2.802.1.1.17.2.1.1
Module compliance for this MIB.
MODULE-COMPLIANCE    

devIDMIBObjectGroup 1.3.111.2.802.1.1.17.2.2.1
A collection of objects providing public key manageability, credential manageability and stats.
OBJECT-GROUP