ASF Specification v2.0 DSP0136 - DMTF
ASF Specification v2.0 DSP0136 - DMTF
ASF Specification v2.0 DSP0136 - DMTF
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Alert Standard Format (<strong>ASF</strong>) <strong>Specification</strong> <strong>v2.0</strong><br />
<strong>DMTF</strong> Document <strong>DSP0136</strong><br />
3.2.3.3.1 Lower-Layer Protocol Processing<br />
When a frame containing a protected RMCP message reaches its destination, the lower-layer<br />
protocols (e.g. 802.3/Ethernet and IP) in the receiving device perform their processing and pass<br />
the resulting packet to the next higher-layer protocol (UDP) for additional processing. UDP in the<br />
receiving device then validates the Checksum field in the UDP header. If the Checksum field is<br />
invalid, UDP silently discards the packet.<br />
If the Checksum field is valid, UDP verifies that it supports the upper-layer protocol specified by<br />
the value in the Destination Port field. If the upper-layer protocol is not supported, UDP silently<br />
discards the packet. If the upper-layer protocol is supported, UDP strips off its header, updates<br />
the protected RMCP message Length, and passes the protected RMCP message and its Length<br />
to the next higher-layer protocol (RSP) for additional processing.<br />
3.2.3.3.2 Device Security Policy and Session State Lookup<br />
When RSP receives a protected RMCP message from UDP, RSP accesses the Device Security<br />
Policy to determine whether RMCP security extensions functionality is enabled. If the<br />
functionality is disabled, RSP silently discards the message.<br />
If the functionality is enabled, RSP uses the RSP Header's Session ID value to locate the session<br />
state for this message. If no session state can be located for this message, RSP silently discards<br />
the message. If a session exists but the session is in a phase does not that allows this protected<br />
RMCP message to be accepted (e.g. “Set” RMCP messages received prior to reaching the<br />
Message Transfer session phase), RSP silently discards the message.<br />
3.2.3.3.3 Message De-Encapsulation<br />
If a session exists and the session is in a phase that allows this protected RMCP message to be<br />
accepted, RSP uses the integrity algorithm specified in the session state and the protected<br />
RMCP message Length passed up from UDP to locate and validate the Integrity Data field in the<br />
RSP Trailer. If the Integrity Data field is invalid, RSP silently discards the message.<br />
If the Integrity Data field is valid, RSP uses the RSP Header's Sequence Number field and the<br />
Sliding Receive Window information in the session state and determines if this message is “new”<br />
(i.e. it is not a duplicate of a previously received message) and where the message falls with<br />
respect to the Sliding Receive Window.<br />
As shown in the figure below, the left-end of the Sliding Receive Window represents the<br />
Sequence Number of the beginning of the window and the right-end of the Sliding Receive<br />
Window is “window size” messages into the future. For <strong>v2.0</strong> of this specification, the "window<br />
size" is 32 messages; the figure below uses a 16-message size for illustration purposes only.<br />
The received message must be “new” and must fall either inside the window or to the right of the<br />
window or RSP silently discards the message. If the received message falls to the right of the<br />
window, the window is advanced to the right to encompass the message. A message may be<br />
received out-of-order and still be properly processed.<br />
Important Note: The window must not be advanced until the Integrity Data of the message that<br />
would cause the advancement has been validated. Doing otherwise would allow an attacker to<br />
generate bogus messages with large sequence numbers that would move the window outside the<br />
range of valid sequence numbers and cause RSP in the receiving device to drop valid messages.<br />
If the Sequence Number processing completes successfully, RSP saves the value in the Next<br />
Header field and uses the value in the Pad Length field to compute the number of Pad bytes that<br />
need to be removed from the end of the message. RSP then strips off the RSP Header and<br />
Trailer and updates the Length value for the RMCP message. RSP then passes the RMCP<br />
message and its Length to the next higher-layer protocol (RMCP) for additional processing.<br />
<strong>DSP0136</strong> 23 April 2003 Page 27 of 94