IEEE8021-DEVID-MIB
File:
IEEE8021-DEVID-MIB.mib (20074 bytes)
Imported modules
Imported symbols
Defined Types
DevIDErrorStatus |
This textual convention is used to define the error state
of a devID operation.
The value none(1) means no error, indicating a successful
operation. The value internalError(2) is used to display a system error. |
TEXTUAL-CONVENTION |
INTEGER |
none(1), internalError(2) |
DevIDAlgorithmIdentifier |
This textual convention is used to define the algorithm type for the public key. |
TEXTUAL-CONVENTION |
INTEGER |
rsaEncryption(1), idecPublicKey(2) |
DevIDPublicKeyEntry | SEQUENCE |
devIDPublicKeyIndex | Unsigned32 |
devIDPublicKeyEnabled | TruthValue |
devIDPublicKeyAlgorithm | DevIDAlgorithmIdentifier |
devIDPublicKeyPubkeySHA1Hash | SnmpAdminString |
devIDPublicKeyErrStatus | DevIDErrorStatus |
DevIDCredentialEntry | SEQUENCE |
devIDCredentialIndex | Unsigned32 |
devIDCredentialEnabled | TruthValue |
devIDCredentialSHA1Hash | SnmpAdminString |
devIDCredentialSerialNumber | SnmpAdminString |
devIDCredentialIssuer | SnmpAdminString |
devIDCredentialSubject | SnmpAdminString |
devIDCredentialSubjectAltName | SnmpAdminString |
devIDCredentialEntityIndex | PhysicalIndex |
devIDCredentialPubkeyIndex | Unsigned32 |
devIDCredentialErrStatus | DevIDErrorStatus |
DevIDStatisticsEntry | SEQUENCE |
devIDStatisticKeyGenerationCount | Counter32 |
devIDStatisticKeyInsertionCount | Counter32 |
devIDStatisticKeyDeletionCount | Counter32 |
devIDStatisticCSRGenerationCount | Counter32 |
devIDStatisticCredentialInsertionCount | Counter32 |
devIDStatisticCredentialDeletionCount | Counter32 |
Defined Values
ieee8021DevIDMIB |
1.3.111.2.802.1.1.17 |
This is the management module of the Secure Device Identifier
(DevID) for managing IEEE 802.1AR, as specified in the current
IEEE 802.1AR draft document. A DevID is cryptographically
bound to a device, and supports authentication of the device's
identity. Locally significant identities can be securely
associated with an initial manufacturer-provisioned DevID and
used in provisioning and authentication protocols to allow a
network administrator to establish the trustworthiness of a
device and select appropriate policies for transmission and
reception of data and control protocols to and from the device.
A device indicates any entity in an IEEE 802 LAN that seeks to
obtain services from the network.
The use of a Secure Device Identifier (DevID) in a DevID module
allows network entities to associate a DevID credential with
devices that participate or wish to participate in authenticated
access to one or more networks.
A device with DevID capability incorporates a globally unique
manufacturer-provided Initial Secure Device Identifier (IDevID),
stored in a way that ensures it will remain unmodified in the
absence of both unrestricted access to the device and
extraordinary efforts by an attacker.
The device may support the creation of Locally Significant
Device Identifiers (LDevIDs) by a network administrator. Each
LDevID is bound to the device in a way that makes it impossible
for it to be forged or transferred to a device with a different
IDevID without knowledge of the private key used to effect the
cryptographic binding. An LDevID can incorporate, and fully protect,
additional information specified by the network administrator to
support local authorization conventions. LDevIDs may also be
used to entirely replace IDevIDs in such a way as to assure the
privacy of the user of an LDevID and the equipment in which it is
installed.
Every device has exactly one IDevID and zero or more LDevIDs.
The number of LDevIDs depends upon the capabilities of the DevID
module and on the administrative policy of the network(s) in
which the device is used. |
MODULE-IDENTITY |
|
|
|
devIDPublicKeyCount |
1.3.111.2.802.1.1.17.1.2.1 |
This gives the total number of DevID
public keys installed in the DevID module. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
devIDPublicKeyTable |
1.3.111.2.802.1.1.17.1.2.2 |
A table containing the public key, the key's
keyIndex, and a value indicating whether the key is
enabled. This allows the administrator to
determine the DevID keys installed in the
DevID module. The maximum number of entries
in this table is limited by the value of
devIDPublicKeyCount. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
DevIDPublicKeyEntry |
|
devIDPublicKeyEntry |
1.3.111.2.802.1.1.17.1.2.2.1 |
An entry containing the DevID public key,
the key's keyIndex, and a value indicating
whether the key is enabled. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DevIDPublicKeyEntry |
|
|
devIDPublicKeyIndex |
1.3.111.2.802.1.1.17.1.2.2.1.1 |
All keys are indexed internally with this
object. The value of this object is within
0..devIDPublicKeyCount.
This is the keyIndex and operations on
keys will use the keyIndex to address a
specific key. The IDevID key shall only be
at index 0.
Any error in retrieving a key will be displayed
in the devIDPublicKeyErrStatus object. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
0..4294967295 |
|
devIDPublicKeyEnabled |
1.3.111.2.802.1.1.17.1.2.2.1.2 |
The enable/disable state of this public key. This setting
persists across restarts. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
devIDPublicKeyAlgorithm |
1.3.111.2.802.1.1.17.1.2.2.1.3 |
The DevID PublicKey Algorithm field shall indicate
the public key algorithm identifier. This object
identifies the public key algorithm as either
rsaEncryption or idecPublicKey |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DevIDAlgorithmIdentifier |
|
|
devIDPublicKeyErrStatus |
1.3.111.2.802.1.1.17.1.2.2.1.5 |
This displays the status of an operation on
the public key. The default value is none
which means no error, indicating a successful
operation. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DevIDErrorStatus |
|
|
devIDCredentialCount |
1.3.111.2.802.1.1.17.1.2.3 |
This gives the total number of DevID
credentials installed in the DevID module. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
devIDCredentialTable |
1.3.111.2.802.1.1.17.1.2.4 |
A table of current DevID credentials, where
for each certificate the following are indicated:
SHA-1 hash of the certificate, and the section 7 defined
fields of cert serial number, issuer, subject,
HardwareModuleName, and pubkey. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
DevIDCredentialEntry |
|
devIDCredentialEntry |
1.3.111.2.802.1.1.17.1.2.4.1 |
An entry containing DevID Credential information |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DevIDCredentialEntry |
|
|
devIDCredentialIndex |
1.3.111.2.802.1.1.17.1.2.4.1.1 |
All credentials are indexed internally with
this object. The value of this object is within
[0..devIDCredentialCount].
This is the credentialIndex and operations on
credentials will use the credentialIndex to address
a specific credential. The IDevID credential shall
only be at index 0. Additional operations on credentials
use the credentialIndex to address a specific
credential. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
0..4294967295 |
|
devIDCredentialEnabled |
1.3.111.2.802.1.1.17.1.2.4.1.2 |
The enable/disable state of this credential. This setting
persists across restarts. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
devIDCredentialEntityIndex |
1.3.111.2.802.1.1.17.1.2.4.1.8 |
This refers to the entPhysicalIndex in
entPhysicalTable to identify the associated
physical entity. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
PhysicalIndex |
|
|
devIDCredentialPubkeyIndex |
1.3.111.2.802.1.1.17.1.2.4.1.9 |
Has the appropriate devIDPublicKeyIndex
value from devIDPublicKeyTable to identify
the public key information. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
devIDCredentialErrStatus |
1.3.111.2.802.1.1.17.1.2.4.1.10 |
This displays the status of an operation on
the credential. The default value is none
which means no error, indicating a successful
operation. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DevIDErrorStatus |
|
|
devIDStatisticsEntry |
1.3.111.2.802.1.1.17.1.2.5.1 |
An entry containing DevID statistics. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DevIDStatisticsEntry |
|
|
devIDStatisticKeyGenerationCount |
1.3.111.2.802.1.1.17.1.2.5.1.1 |
This gives the total number of additional
LDevID key material generations within the
DevID module.
Discontinuities occur at system restart and counter rollover. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
devIDStatisticKeyInsertionCount |
1.3.111.2.802.1.1.17.1.2.5.1.2 |
This gives the total number of additional
LDevID key material generations followed by
an insertion within the DevID module.
Discontinuities occur at system restart and counter rollover. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
devIDStatisticKeyDeletionCount |
1.3.111.2.802.1.1.17.1.2.5.1.3 |
This gives the total number of LDevID keypair
deletions within the DevID module.
Discontinuities occur at system restart and counter rollover. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
devIDStatisticCSRGenerationCount |
1.3.111.2.802.1.1.17.1.2.5.1.4 |
This gives the total number of
Certificate Signing Request (CSR)
generations as defined in RFC 2986.
Discontinuities occur at system restart and counter rollover. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
devIDStatisticCredentialInsertionCount |
1.3.111.2.802.1.1.17.1.2.5.1.5 |
This gives the total number of LDevID
credentials installed into the DevID module.
Discontinuities occur at system restart and counter rollover. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
devIDStatisticCredentialDeletionCount |
1.3.111.2.802.1.1.17.1.2.5.1.6 |
This gives the total number of LDevID
credential deletions within the DevID module.
Discontinuities occur at system restart and counter rollover. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
devIDMIBModuleCompliance |
1.3.111.2.802.1.1.17.2.1.1 |
Module Compliance for this mib. |
Status: current |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
devIDMIBObjectGroup |
1.3.111.2.802.1.1.17.2.2.1 |
A collection of objects providing public key
manageability, credential manageability and stats. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|