[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPSec MIB and "augmenting"

To: ipsec@tis.com
Subject: IPSec MIB and "augmenting"
From: John Shriver <jas@shiva.com>
Date: Mon, 1 Feb 1999 12:47:49 -0500
Sender: owner-ipsec@ex.tis.com

I suppose I didn't make myself clear enough by what I was thinking of
in the way of augmentation.  I didn't mean the literal AUGMENTS
statement in many cases, since the "augmenting" table may not
instantiate every row of the base table.  I was thinking more of the
way that the IETF Interface MIBs parallel the MIB-II ifTable.

That is, if this ISAKMP Phase 1 SA is also a IKE Phase I SA, then
there will be a row in the IKE Phase I SA table.  

More importantly, the indices won't be duplicated as data elements.
The two cookies will only be assigned object identifiers in the ISAKMP
Phase 1 SA table.  The other tables will be indexed by the indices of
the primary table.

The only cases where I can see a strict AUGMENTS would be in the case
where two tables are identical in indexing and row instantiation, but
are of very different security sensitivities.  For instance, if we
were insane enough to want a column with ESP crypto keys (yikes!), you
would want it in a table that strictly AUGMENTS the ESP SA table.

Prev by Date: I-D ACTION:draft-ietf-ipsec-monitor-mib-00.txt
Next by Date: My IPSec MIB structuring motivations
Prev by thread: I-D ACTION:draft-ietf-ipsec-monitor-mib-00.txt
Next by thread: My IPSec MIB structuring motivations
Index(es):
- Main
- Thread