T11-FC-SP-TC-MIB
File:
T11-FC-SP-TC-MIB.mib (25719 bytes)
Imported modules
Imported symbols
Defined Types
| T11FcSpPolicyHashValue |
|
| Represents the value of the cryptographic hash function
of an FC-SP Policy Object.
Each definition of an object with this TC as its syntax
must be accompanied by a corresponding definition of an
object with T11FcSpPolicyHashFormat as its syntax.
The corresponding object identifies the cryptographic
hash function used to create the hash value. |
| TEXTUAL-CONVENTION |
|
|
|
| |
OCTET STRING |
Size(0..64) |
|
| T11FcSpHashCalculationStatus |
|
| When some kind of 'database' is defined in a set of
read-write MIB objects, it is common that multiple changes
in the data need to be made at the same time. So, if hash
values are maintained for that data, those hash values are
only correct if and when they are re-calculated after every
change. In such circumstances, the use of an object with
this syntax allows the re-calculation of the hash values to
be deferred until all changes have been made, and therefore
the calculation need only be done once after all changes,
rather than repeatedly/after each individual change.
The definition of an object defined using this TC is
required to specify which one or more instances of which
MIB objects contain the hash values operated upon (or
whose status is given) by the value of this TC.
When read, the value of an object with this syntax is
either:
correct -- the identified MIB object instance(s)
contain the correct hash values; or
stale -- the identified MIB object instance(s)
contain stale (possibly incorrect) values.
Writing a value of 'calculate' is a request to re-calculate
and update the values of the corresponding instances of the
identified MIB objects. Writing a value of 'correct' or
'stale' to this object is an error (e.g., 'wrongValue'). |
| TEXTUAL-CONVENTION |
|
|
|
| |
INTEGER |
calculate(1), correct(2), stale(3) |
|
| T11FcSpAuthRejectReasonCode |
|
| A reason code contained in an AUTH_Reject message, or
in an SW_RJT (rejecting an AUTH_ILS), or in an LS_RJT
(rejecting an AUTH-ELS). |
| TEXTUAL-CONVENTION |
|
|
|
| |
INTEGER |
authFailure(1), logicalError(2), logicalBusy(3), authILSNotSupported(4), authELSNotSupported(5), notLoggedIn(6) |
|
| T11FcSpAuthRejReasonCodeExp |
|
| A reason code explanation contained in an AUTH_Reject
message, or in an SW_RJT (rejecting an AUTH_ILS), or in
an LS_RJT (rejecting an AUTH-ELS). |
| TEXTUAL-CONVENTION |
|
|
|
| |
INTEGER |
authMechanismNotUsable(1), dhGroupNotUsable(2), hashFunctionNotUsable(3), authTransactionAlreadyStarted(4), authenticationFailed(5), incorrectPayload(6), incorrectAuthProtocolMessage(7), restartAuthProtocol(8), authConcatNotSupported(9), unsupportedProtocolVersion(10), logicalBusy(11), authILSNotSupported(12), authELSNotSupported(13), notLoggedIn(14) |
|
| T11FcSpHashFunctions |
|
| A set of zero, one, or more hash functions defined for
use in FC-SP. |
| TEXTUAL-CONVENTION |
|
|
|
| |
BITS |
md5(0), sha1(1) |
|
| T11FcSpSignFunctions |
|
| A set of zero, one, or more signature functions defined
for signing certificates for use with FCAP in FC-SP. |
| TEXTUAL-CONVENTION |
|
|
|
| |
BITS |
rsaSha1(0) |
|
| T11FcSpDhGroups |
|
| A set of zero, one, or more DH Groups defined for use
in FC-SP. |
| TEXTUAL-CONVENTION |
|
|
|
| |
BITS |
null(0), group1024(1), group1280(2), group1536(3), group2048(4), group3072(5), group4096(6), group6144(7), group8192(8) |
|
| T11FcSpPolicyObjectType |
|
| A value that identifies the type of an FC-SP Policy
Object. |
| TEXTUAL-CONVENTION |
|
|
|
| |
INTEGER |
summary(1), switchMemberList(2), nodeMemberList(3), switchConnectivity(4), ipMgmtList(5), attribute(6) |
|
| T11FcSpPolicyNameType |
|
| The format and usage of a companion object having
T11FcSpPolicyName as its syntax.
Six of the values indicate the same format, i.e., they
differ only in semantics. That common format is a Fibre
Channel 'Name_Identifier', i.e., the same syntax as
'FcNameIdOrZero (SIZE(8))'.
These six are three pairs of one restricted and one
unrestricted. Each usage of this syntax must specify
what the meaning of 'restricted' is for that usage and
how the characteristics and behavior of restricted
names differ from unrestricted names.
The six are:
'nodeName' - a Node_Name, which is the
Name_Identifier associated
with a Fibre Channel Node.
'restrictedNodeName' - a Restricted Node_Name.
'portName' - the Name_Identifier associated
with a Fibre Channel Port.
'restrictedPortName' - a Restricted Port_Name.
'wildcard' - a Wildcard value that is used to
identify 'all others' (typically,
all other members of a Policy
Object, not all other Policy
Objects).
'restrictedWildcard' - a Restricted Wildcard value.
Other possible values are:
'alphaNumericName' - the value begins with an ASCII
letter (upper or lower case) followed by (0 ... 63)
characters from the set: lower case letters, upper case
letters, digits, and the four symbols: dollar-sign ($),
dash (-), caret (^), and underscore (_).
'ipv6AddressRange' - two IPv6 addresses in network
byte order, the numerically smallest first and the
numerically largest second; total length is 32 bytes.
'ipv4AddressRange' - two IPv4 addresses in network
byte order, the numerically smallest first and the
numerically largest second; total length is 8 bytes. |
| TEXTUAL-CONVENTION |
|
|
|
| |
INTEGER |
nodeName(1), restrictedNodeName(2), portName(3), restrictedPortName(4), wildcard(5), restrictedWildcard(6), alphaNumericName(7), ipv6AddressRange(8), ipv4AddressRange(9) |
|
| T11FcSpPolicyName |
|
| A syntax used, when defining Policy Objects, for the
name of something.
An object that uses this syntax always identifies a
companion object with syntax T11FcSpPolicyNameType
such that the companion object specifies the format
and usage of the object with this syntax.
When the companion object has the value 'wildcard' or
'restrictedWildcard', the value of the T11FcSpPolicyName
object is: '0000000000000000'h. |
| TEXTUAL-CONVENTION |
|
|
|
| |
OCTET STRING |
Size(1..64) |
|
| T11FcSpAlphaNumName |
|
| A syntax used when defining Policy Objects for the
name of something, where the name is always in the format
specified by:
T11FcSpPolicyNameType = 'alphaNumericName'
|
| TEXTUAL-CONVENTION |
|
|
|
| |
OCTET STRING |
Size(1..64) |
|
| T11FcSpAlphaNumNameOrAbsent |
|
| An extension of the T11FcSpAlphaNumName TC with
one additional possible value: the zero-length string
to indicate the absence of a name. |
| TEXTUAL-CONVENTION |
|
|
|
| |
OCTET STRING |
Size(0..64) |
|
| T11FcSaDirection |
|
| The direction of frame transmission on a Security
Association. Note that Security Associations are
unidirectional, but they always exist as part of an
SA pair of the same type in opposite directions. |
| TEXTUAL-CONVENTION |
|
|
|
| |
INTEGER |
ingress(1), egress(2) |
|
| T11FcSpiIndex |
|
| An SPI (Security Parameter Index) value is carried in the
SPI field of a frame protected by the ESP_Header. An SPI
is also carried in the SAID field of a Common Transport
Information Unit (CT_IU) protected by CT_Authentication.
An SPI value identifies the Security Association on which
the frame is being transmitted. |
| TEXTUAL-CONVENTION |
|
|
|
| |
Unsigned32 |
0..4294967295 |
|
| T11FcSpPrecedence |
|
| The precedence of a Traffic Selector. If a frame
matches with two or more Traffic Selectors, then the match
that takes precedence is the one with the Traffic Selector
having the numerically smallest precedence value. Note that
precedence values are not necessarily contiguous. |
| TEXTUAL-CONVENTION |
|
|
|
| |
Unsigned32 |
0..4294967295 |
|
| T11FcRoutingControl |
|
| A value stored in the R_CTL (Routing Control) 8-bit field
of an FC-2 frame containing routing and information bits to
categorize the frame function.
For FC-2 frames, an R_CTL value typically distinguishes
between control versus data frames and/or solicited versus
unsolicited frames, and in combination with the TYPE field
(see T11FcSpType), identifies a particular link-layer
service/protocol using FC-2.
For CT_Authentication, the information field in the R_CTL
field contains '02'h for Request CT_IUs and '03'h for
Response CT_IUs.
The comparison of two values having this syntax is done
by treating each string as an 8-bit numeric value. |
| TEXTUAL-CONVENTION |
|
|
|
| |
OCTET STRING |
Size(1) |
|
| T11FcSpType |
|
| A value, or combination of values, contained in a frame
header used in identifying the link layer service/protocol
of a frame. The value is always two octets:
- for FC-2 frames, the first octet is zero and the second
octet contains the Data structure type (TYPE) value
defined by FC-FS-2. The TYPE value is used in
combination with T11FcRoutingControl to identify a link
layer service/protocol.
- for Common Transport Information Units (CT_IUs), the
first octet contains a GS_Type value and the second
octet contains a GS_Subtype value, defined by FC-GS-5.
The comparison of two values having this syntax is done
by treating each string as the numeric value obtained by
numerically combining the individual octet's value as
follows:
(256 * 1st-octet) + 2nd-octet
|
| TEXTUAL-CONVENTION |
|
|
|
| |
OCTET STRING |
Size(2) |
|
| T11FcSpSecurityProtocolId |
|
| A Security Protocol identifier to identify
the protocol by which traffic is to be protected,
e.g., ESP_Header or CT_Authentication. |
| TEXTUAL-CONVENTION |
|
|
|
| |
INTEGER |
espHeader(1), ctAuth(2) |
|
| T11FcSpLifetimeLeft |
|
| This TC is used for one object of an associated pair
of objects. The object with this syntax specifies a
remaining lifetime of something, e.g., of an SA, where
the lifetime is given in the units specified by the other
object of the pair which has T11FcSpLifetimeLeftUnits
as its syntax. |
| TEXTUAL-CONVENTION |
|
|
|
| |
Unsigned32 |
|
|
| T11FcSpLifetimeLeftUnits |
|
| An object, defined using T11FcSpLifetimeLeft TC as
its syntax, is required to be one of an associated
pair of objects such that the other object of the pair
is defined with this T11FcSpLifetimeLeftUnits TC as
its syntax and with its value specifying the
units of the remaining lifetime given by the
value of the T11FcSpLifetimeLeft object. |
| TEXTUAL-CONVENTION |
|
|
|
| |
INTEGER |
seconds(1), kiloBytes(2), megaBytes(3), gigaBytes(4), teraBytes(5), petaBytes(6), exaBytes(7), zettaBytes(8), yottaBytes(9) |
|
Defined Values
| t11FcTcMIB |
1.3.6.1.2.1.175 |
| This MIB module defines Textual Conventions for use in
the multiple MIB modules, which together define the
instrumentation for an implementation of the Fibre Channel
Security Protocols (FC-SP) specification.
This MIB module also defines Object Identities (for use as
possible values of MIB objects with syntax AutonomousType),
including OIDs for the Cryptographic Algorithms defined
in FC-SP.
Copyright (C) The IETF Trust (2008). This version
of this MIB module is part of RFC 5324; see the RFC
itself for full legal notices. |
| MODULE-IDENTITY |
|
|
|
| t11FcSpEncrNull |
1.3.6.1.2.1.175.1.1.1.1 |
| The ENCR_NULL algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpEncrAesCbc |
1.3.6.1.2.1.175.1.1.1.2 |
| The ENCR_AES_CBC algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpEncrAesCtr |
1.3.6.1.2.1.175.1.1.1.3 |
| The ENCR_AES_CTR algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpEncrAesGcm |
1.3.6.1.2.1.175.1.1.1.4 |
| The ENCR_AES_GCM algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpEncr3Des |
1.3.6.1.2.1.175.1.1.1.5 |
| The ENCR_3DES algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpAuthNull |
1.3.6.1.2.1.175.1.1.2.1 |
| The AUTH_NONE algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpAuthHmacMd5L96 |
1.3.6.1.2.1.175.1.1.2.2 |
| The AUTH_HMAC_MD5_96 algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpAuthHmacSha1L96 |
1.3.6.1.2.1.175.1.1.2.3 |
| The AUTH_HMAC_SHA1_96 algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpAuthHmacMd5L128 |
1.3.6.1.2.1.175.1.1.2.4 |
| The AUTH_HMAC_MD5_128 algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpAuthHmacSha1L160 |
1.3.6.1.2.1.175.1.1.2.5 |
| The AUTH_HMAC_SHA1_160 algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|
| t11FcSpEncrNullAuthAesGmac |
1.3.6.1.2.1.175.1.1.1.6 |
| The ENCR_NULL_AUTH_AES_GMAC algorithm. |
| Status: current |
Access: read-only |
| OBJECT-IDENTITY |
|
|
|