ASF Specification v2.0 DSP0136 - DMTF
ASF Specification v2.0 DSP0136 - DMTF
ASF Specification v2.0 DSP0136 - DMTF
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Alert Standard Format (<strong>ASF</strong>) <strong>Specification</strong> <strong>v2.0</strong><br />
<strong>DMTF</strong> Document <strong>DSP0136</strong><br />
3. The Next Header field indicates the type of message that is encapsulated between the RSP<br />
header and trailer. For this specification, the value in the Next Header field is defined as the<br />
value in the Version field of the RMCP Header of the RMCP message being processed (e.g.;<br />
06h for <strong>ASF</strong>).<br />
4. The Integrity Data field is used to hold the results of an integrity algorithm (e.g., a keyed hash<br />
function) performed over the specific fields of the RSP header, RMCP message, and RSP<br />
trailer defined earlier. The length of this field depends on the integrity algorithm negotiated<br />
during session setup. For this specification, the mandatory-to-implement integrity algorithm is<br />
HMAC-SHA1-96 defined in [RFC2404].<br />
These fields are specified in the following table.<br />
Contents Type Offset Value<br />
Pad<br />
Pad<br />
Length<br />
Next<br />
Header<br />
Integrity<br />
Data<br />
Variable<br />
Bytes<br />
Used to provide DWORD-alignment of the Integrity Data field within the<br />
message. If present, each Pad byte is set to 00h.<br />
1 Byte 4n-2 Defines the number of Pad bytes present in the message, in the range 0 to<br />
3.<br />
1 Byte 4n-1 Indicates the type of message that is encapsulated between the RSP<br />
header and trailer. For this specification, the value of this field equals the<br />
value in the Version field of the RMCP Header of the message being<br />
processed.<br />
Variable<br />
Bytes<br />
4n<br />
Holds the results of an integrity algorithm negotiated during session setup.<br />
RSP Trailer<br />
3.2.3.2 Outbound Message Processing<br />
The sections that follow and the figure below outline the processing steps used by an alertsending<br />
device or management console to add security extensions to an outbound RMCP<br />
message.<br />
RMCP Message<br />
RSP Hdr<br />
Data<br />
RSP Tlr<br />
UDP Hdr<br />
Data<br />
IP Hdr<br />
Data<br />
Enet Hdr<br />
Data<br />
3.2.3.2.1 Device Security Policy and Session State Lookup<br />
When an RMCP request initiator creates a message, its RMCP protocol engine accesses the<br />
Device Security Policy to determine whether RMCP security extensions functionality is enabled.<br />
If the functionality is enabled, RMCP determines if an appropriate RSP session exists for the<br />
message.<br />
If an appropriate session does not exist, RMCP uses the RSP Session Protocol (RSSP) to create<br />
a session (see 3.2.3.4). If a session exists but the session is not in the Message Transfer phase<br />
(the phase that allows RMCP messages to be exchanged), RMCP must wait until the session<br />
reaches that phase before the RMCP message can be sent.<br />
<strong>DSP0136</strong> 23 April 2003 Page 25 of 94