IEEE8021-DEVID-MIB: View SNMP OID List / Download MIB

This is the management module of the Secure Device Identifier (DevID) for managing IEEE 802.1AR. As specified in the current IEEE 802.1AR draft document. This is the management module of the Secure Device Identifier (DevID) for managing IEEE 802.1AR. A DevID is cryptographically bound to a device, and supports authentication of the device's identity. Locally significant identities can be securely associated with an initial manufacturer-provisioned DevID and used in provisioning and authentication protocols to allow a network administrator to establish the trustworthiness of a device and select appropriate policies for transmission and reception of data and control protocols to and from the device. A device indicates any entity in an IEEE 802 LAN that seeks to obtain services from the network. The use of a Secure Device Identifier (DevID) in a DevID module allows network entities to associate a DevID credential with devices that participate or wish to participate in authenticated access to one or more networks. A device with DevID capability incorporates a globally unique manufacturer provided Initial SecureDevice Identifier (IDevID), stored in a way that ensures it will remain unmodified in the absence of both unrestricted access to the device and extraordinary efforts by an attacker. The device may support the creation of Locally Signification Device Identifiers (LDevIDs) by network administrator. Each LDevID is bound to the device in a way that makes it impossible for it to be forged or transferred to a device with a different IDevID without knowledge of the private key used to effect the crytographic binding. LDevID can incorporate, and fully protect, additional information specified by the network administrator to support local authorization conventions. LDevIDs may also be used to entirely replace IDevIDs in such a way as to assure the privacy of the user of a LDevID and the equipment in which it is installed. Every device has exactly one (IDevID) and zero or more LDevIDs. The number of LDevIDs depends upon the capabilities of the DevID module and on the administrative policy of the network(s) in which the device is used

This gives the total number of DevID public keys installed in the DevID module.

A table containing the public key, the keys keyIndex, a value indicating if the key is enabled. This allows the administrator to determine the DevID keys installed in the DevID module. The maximum number of entries in this table is limited by the value of devIDPublicKeyCount.

An entry containing DevID public key, the keys keyIndex, a value indicating if the key is enabled

All keys are indexed internally with this object. The value of this object is within 0..devIDPublicKeyCount. This is the keyIndex and operations on keys will use the keyIndex to address a specific key. The IDevID key shall only be at index 0. Any error in retrieving a key will be displayed in the devIDPublicKeyErrStatus object.

The enable/disable state of this public key. This setting persists across restarts.

The DevID PublicKey Algorithm field shall indicate the public key algorithm identifier. This object identifies the public key algorithm as either rsaEncryption or idecPublicKey

The SHA1 Hash of this DevID public key.

The displays the status of an operation on the public key. The default value is none which means no error, indicating a successful operation.

This gives the total number of DevID credentials installed in the DevID module.

A table of current DevID credentials, where for each certificate the following are indicated: sha1 hash of the certificate, section7 defined fields of cert serial number, issuer, subject, HardwareModuleName, and pubkey.

An entry containing DevID Credential information

All credentials are indexed internally with this object. The value of this object is within [0..devIDCredentialCount]. This is the credentialIndex and operations on credentials will use the credentialIndex to address a specific crdential. The IDevID credential shall only be at index 0. Additional operations on credentials use the credentialIndex to address a specific credential.

The enable/disable state of this credential. This setting persists across restarts.

The SHA1 Hash of this DevID credential.

The serial number of the credential.

The issuer field of the credential.

The subject field of the credential.

The subjectaltname field of the credential

This refers to the entPhysicalIndex in entPhysicalTable to identify the associated physical entity.

Has the appropriate devIDPublicKeyIndex value from devIDPublicKeyTable to identify the public key information.

The displays the status of an operation on the credential. The default value is none which means no error, indicating a successful operation.

A table containing statistics information.

An entry containing DevID statistics.

This gives the total number of additional LDevID key material generation within the DevID module. Discontinuities occur at system restart and counter rollover.

This gives the total number of additional LDevID key material generation followed by an insertion within the DevID module. Discontinuities occur at system restart and counter rollover.

This gives the total number of LDevID keypair deletions within the DevID module. Discontinuities occur at system restart and counter rollover.

This gives the total number of Certificate Signing Request (CSR) generation as defined in RFC2986. Discontinuities occur at system restart and counter rollover.

This gives the total number of LDevID credentials installed into the DevID module. Discontinuities occur at system restart and counter rollover.

This gives the total number of LDevID credentials deletions into the DevID module. Discontinuities occur at system restart and counter rollover.

Module Compliance for this mib.

A collection of objects providing public key manageability, credential manageability and stats.