
Network Working Group                                        M. St. Johns
Request for Comments: 2786                                    Excite@Home
Category: Experimental                                         March 2000


                         Diffie-Helman USM Key
           Management Information Base and Textual Convention

Status of this Memo

   This memo defines an Experimental Protocol for the Internet
   community.  It does not specify an Internet standard of any kind.
   Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

IESG Note

   This document specifies an experimental MIB. Readers, implementers
   and users of this MIB should be aware that in the future the IETF may
   charter an IETF Working Group to develop a standards track MIB to
   address the same problem space that this MIB addresses.  It is quite
   possible that an incompatible standards track MIB may result from
   that effort.

Abstract

   This memo defines an experimental portion of the Management
   Information Base (MIB) for use with network management protocols in
   the Internet community.  In particular, it defines a textual
   convention for carrying out Diffie-Hellman key agreement exchanges
   and a set of objects which extend the usmUserTable to permit the use
   of a DH key exchange in addition to the key change method described
   in [12].  In other words, this MIB adds the possibility of forward
   secrecy to the USM model.  It also defines a set of objects that can
   be used to kick-start security on an SNMPv3 agent when the
   out-of-band path is authenticated, but not necessarily private or
   confidential.
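   The contrast the abstract draws between the two mechanisms, as an
   added example that is not code from RFC 2786, from [12], or from any
   SNMP implementation: the KeyChange construction of [12] (shown here
   reduced to its single-block form, key length equal to the MD5 digest
   length, which is how it is understood in this example) lets anyone who
   holds the old key and captured the SET recover the new key, while a DH
   exchange over the same authenticated channel leaves a passive
   observer with only two public values.  The 1024-bit MODP prime is the
   one this example assumes from RFC 2409 (Oakley group 2); the 256-bit
   private exponent and the SHA-1 derivation of a USM key from the shared
   secret are illustrative choices, not the derivation this memo defines;
   the two keys are constructed demonstration values.

```python
"""Why KeyChange leaks a new key to anyone who knows the old one, and why DH does not.

Added example; not code from RFC 2786, RFC 2574 or any SNMP implementation.
Assumptions: KeyChange is shown in its single-block form (key length == digest
length): value = random || (H(oldKey || random) XOR newKey), H = MD5.  The DH
group is the 1024-bit MODP group of RFC 2409 (verify the constant before reuse);
the exponent size and the hash-based key derivation are illustrative only.
"""
import hashlib
import secrets

KEY_LEN = 16  # MD5-based USM keys are 16 octets

# Constructed demonstration keys (not real credentials).
OLD_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")   # think: vendor default key
NEW_KEY = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keychange_encode(old_key: bytes, new_key: bytes, rnd: bytes) -> bytes:
    """Manager side: build the KeyChange value carried in a SET of usmUserAuthKeyChange."""
    assert len(old_key) == len(new_key) == len(rnd) == KEY_LEN
    temp = hashlib.md5(old_key + rnd).digest()
    return rnd + _xor(temp, new_key)                  # random || delta


def keychange_decode(old_key: bytes, value: bytes) -> bytes:
    """Agent side, or anyone else holding old_key: recover new_key from the wire value."""
    rnd, delta = value[:KEY_LEN], value[KEY_LEN:]
    temp = hashlib.md5(old_key + rnd).digest()
    return _xor(temp, delta)


def keychange_scenario() -> dict:
    """Manager sends KeyChange; agent installs NEW_KEY; a passive eavesdropper who knows
    OLD_KEY (e.g. a published default) and captured the SET learns NEW_KEY too."""
    wire = keychange_encode(OLD_KEY, NEW_KEY, secrets.token_bytes(KEY_LEN))
    return {
        "agent_key": keychange_decode(OLD_KEY, wire),
        "eavesdropper_key": keychange_decode(OLD_KEY, wire),   # same inputs, same result
    }


# 1024-bit MODP prime, RFC 2409 section 6.2 (assumed correct here; check before reuse).
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2


def dh_keypair() -> tuple:
    """Return (private exponent, public value g^x mod p); 256-bit exponent is illustrative."""
    priv = secrets.randbits(256) | (1 << 255)
    return priv, pow(G, priv, P)


def dh_usm_key(priv: int, peer_pub: int) -> bytes:
    """Turn the shared secret into a KEY_LEN-octet USM key (hash derivation is an assumption)."""
    if not 1 < peer_pub < P - 1:                     # reject trivial public values
        raise ValueError("bad DH public value")
    zz = pow(peer_pub, priv, P).to_bytes(128, "big")
    return hashlib.sha1(zz).digest()[:KEY_LEN]


def dh_scenario() -> dict:
    """Manager and agent each publish g^x mod p (the SETs authenticated with OLD_KEY, which
    is what the kick-start use in the memo relies on); the eavesdropper sees both public
    values and knows OLD_KEY, but the new key depends on private exponents never sent."""
    m_priv, m_pub = dh_keypair()
    a_priv, a_pub = dh_keypair()
    return {
        "manager_key": dh_usm_key(m_priv, a_pub),
        "agent_key": dh_usm_key(a_priv, m_pub),
        "eavesdropper_view": (OLD_KEY, m_pub, a_pub),  # no private exponent, no key
    }


if __name__ == "__main__":
    kc, dh = keychange_scenario(), dh_scenario()
    print("KeyChange: eavesdropper recovered new key:", kc["eavesdropper_key"] == NEW_KEY)
    print("DH: both sides agree:", dh["manager_key"] == dh["agent_key"])
```

   Note what the DH case does and does not give: a passive observer
   learns nothing, but the public values still have to be authenticated,
   otherwise an active attacker substitutes its own.  That is why the
   kick-start use in this memo needs the out-of-band path to be
   authenticated even though it need not be private.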

   The KeyChange textual convention described in [12] permits secure key
   changes, but has the property that if a third party has knowledge of
   the original key (e.g. if the agent was manufactured with a standard
   default key) and could capture all SNMP exchanges, the third party
   would know the new key.  The Diffie-Hellman key change described here





St. Johns                     Experimental