Internet Draft                                               R. Woundy
IPCDN Working Group                                  American Internet
draft-ietf-ipcdn-mcns-bpi-mib-00.txt          Expires: 17 January 1999


         Baseline Privacy Interface Management Information Base
for MCNS Compliant Cable Modems and Cable Modem Termination Systems

Status of this Memo

   This document is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its Areas,
   and its Working Groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as a "work in progress".

   To view the entire list of current Internet-Drafts, please check the
   "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
   Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern
   Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific
   Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast).

Abstract

   This memo defines an experimental portion of the Management
   Information Base (MIB) for use with network management protocols in
   the Internet community.  In particular, it defines a basic set of
   managed objects for SNMP-based management of the Baseline Privacy
   Interface for MCNS compliant cable modems and cable modem termination
   systems. This MIB is defined as an extension to the MCNS Radio
   Frequency Interface MIB [5].

   This memo specifies a MIB module in a manner that is compliant to the
   SNMPv2 SMI.  The set of objects is consistent with the SNMP framework
   and existing SNMP standards.

   This memo does not specify a standard for the Internet community.

   This memo is a product of the IPCDN working group within the Internet
   Engineering Task Force.  Comments are solicited and should be
   addressed to the working group's mailing list at ipcdn@terayon.com
   and/or the author.

1.  The SNMPv2 Network Management Framework



Expires January 1999                                            [Page 1]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   The SNMPv2 Network Management Framework presently consists of three
   major components.  They are:

   o    the SMI, described in RFC 1902 [1] - the mechanisms used for
        describing and naming objects for the purpose of management.

   o    the MIB-II, STD 17, RFC 1213 [2] - the core set of managed
        objects for the Internet suite of protocols.

   o    the protocol, RFC 1157 [3] and/or RFC 1905 [4], - the protocol
        for accessing managed objects.

   The Framework permits new objects to be defined for the purpose of
   experimentation and evaluation.

2.  Object Definitions

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  Objects in the MIB are
   defined using the subset of Abstract Syntax Notation One (ASN.1)
   defined in the SMI.  In particular, each object type is named by an
   OBJECT IDENTIFIER, an administratively assigned name.  The object
   type together with an object instance serves to uniquely identify a
   specific instantiation of the object.  For human convenience, we
   often use a textual string, termed the descriptor, to refer to the
   object type.

3. Overview

   This MIB provides a set of objects required for the management of the
   Baseline Privacy Interface for MCNS compliant Cable Modems (CMs) and
   Cable Modem Termination Systems (CMTSs).  This MIB specification is
   derived from the MCNS Baseline Privacy Interface specification [7],
   which is an extension to the MCNS Radio Frequency Interface
   specification [8].

3.1.  Structure of the MIB

   This MIB consists of one group of CM-only objects (docsBpiCmGroup),
   and one group of CMTS-only objects (docsBpiCmtsGroup).

   The CM-only objects are organized into two tables:

   o    The docsBpiCmBaseTable contains objects for managing basic
        Baseline Privacy parameters and counters, and for managing the
        Authorization finite state machine.

   o    The docsBpiCmTEKTable contains objects for managing the Traffic



Expires January 1999                                            [Page 2]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


        Encryption Key (TEK) finite state machine per SID.

   The CMTS-only objects are organized into four groupings:

   o    The docsBpiCmtsBaseTable contains objects for managing basic
        Baseline Privacy parameters and counters.

   o    The docsBpiCmtsAuthTable contains objects for managing the
        Authorization association information per cable modem.

   o    The docsBpiCmtsTEKTable contains objects for managing the TEK
        association information per SID.

   o    The docsBpiMulticastControl consists of two tables.  The
        docsBpiIpMulticastMapTable controls the mapping of downstream
        IP multicast data traffic to downstream multicast SID values.
        The docsBpiMulticastAuthTable controls which CMs are authorized
        to receive downstream traffic transmitted over particular
        multicast SIDs; a CM will receive TEKs corresponding to the
        multicast SIDs for which it is authorized.  The combination of
        these two tables will limit the distribution of downstream IP
        multicast data traffic to authorized CMs.

3.2.  Management requirements

   The Baseline Privacy Interface specification is documented in [7],
   and is an extension to the Radio Frequency Interface specification
   documented in [8].  In addition to the explicit requirements in this
   specification, the CM and CMTS enabled for Baseline Privacy MUST
   support all applicable MCNS and IETF requirements and MIB objects.
   Specifications that identify relevant requirements and MIB objects
   include the IETF Radio Frequency MIB [5], the IETF Cable Device MIB
   [6], and the MCNS OSSI Specification [9].

   The explicit management requirements of the Baseline Privacy
   Interface, which motivate the development of the MIB in this
   document, are detailed below:

   o    The CM and CMTS MUST support viewing relevant RSA public keys,
        for future subscriber authentication applications.

   o    The Baseline Privacy management interface needs to support
        operator configuration of Authorization and TEK Finite State
        Machine (FSM) parameters, for performance tuning and security
        incident handling.  The CMTS MUST support configuring and
        viewing all FSM-related parameters, including baseline privacy
        status (enabled or disabled), key lifetimes, key grace times,
        and state timeout values.  The CM MUST support viewing these



Expires January 1999                                            [Page 3]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


        parameters where possible.

   o    The management interface needs to support operator analysis and
        override of FSM behavior, for fault management, subscriber
        service de-provisioning, and security incident handling.  The CM
        MUST support viewing the current FSM states.  The CM and CMTS
        MUST support viewing message error codes and message error
        strings, and counters for invalid KEK and TEK events, for key
        expirations and renewals, and for duplicate messages.  The CM
        and CMTS MUST support viewing current authorization key sequence
        numbers and key expiration times for failure diagnosis.

   o    The management interface needs to support dynamic control of the
        distribution of IP multicast data traffic.  This control
        includes forwarding IP multicast traffic to the correct
        multicast group (SID), and managing the membership lists of each
        multicast group (SID).  The CMTS MUST support configuring and
        viewing all IP multicast forwarding state, and all multicast
        group memberships, within the MAC domains of the CMTS.

4.  Definitions

   DOCS-BPI-MIB DEFINITIONS ::= BEGIN

   IMPORTS
   MODULE-IDENTITY, OBJECT-TYPE,
   Counter32, IpAddress
   FROM SNMPv2-SMI
   DisplayString, MacAddress, RowStatus, TruthValue, DateAndTime
   FROM SNMPv2-TC
   OBJECT-GROUP, MODULE-COMPLIANCE
   FROM SNMPv2-CONF
   ifIndex
   FROM IF-MIB
   docsIfMib, docsIfCmServiceId, docsIfCmtsServiceId
   FROM DOCS-IF-MIB
   ;

   docsBpiMIB      MODULE-IDENTITY
   LAST-UPDATED "9807171930Z"
   ORGANIZATION "IETF IPCDN Working Group"
   CONTACT-INFO "Rich Woundy
                 Postal: American Internet
                 4 Preston Court
                 Bedford, MA 01730
                 Tel:    +1 781 276 4509
                 Fax:    +1 781 275 4930
                 E-mail: rwoundy@american.com"



Expires January 1999                                            [Page 4]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   DESCRIPTION
   "This is the MIB Module for the DOCSIS Baseline Privacy Interface
   (BPI) at cable modems (CMs) and cable modem termination systems
   (CMTSs)."
   ::= { docsIfMib 5 }

   docsBpiMIBObjects  OBJECT IDENTIFIER ::= { docsBpiMIB 1 }

   -- Cable Modem Group

   docsBpiCmObjects OBJECT IDENTIFIER ::= { docsBpiMIBObjects 1 }

   --
   -- The BPI base and authorization table for CMs, indexed by ifIndex
   --

   docsBpiCmBaseTable      OBJECT-TYPE
   SYNTAX                  SEQUENCE OF     DocsBpiCmBaseEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "Describes the basic and authorization-related Baseline Privacy
   attributes of each CM MAC interface."
   ::= { docsBpiCmObjects 1 }

   docsBpiCmBaseEntry      OBJECT-TYPE
   SYNTAX                  DocsBpiCmBaseEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "An entry containing objects describing attributes of one CM MAC
   interface. An entry in this table exists for each ifEntry with an
   ifType of docsCableMaclayer(127)."
   INDEX                   { ifIndex }
   ::= { docsBpiCmBaseTable 1 }

   DocsBpiCmBaseEntry ::= SEQUENCE {
   docsBpiCmPrivacyEnable                  TruthValue,
   docsBpiCmPublicKey                      OCTET STRING,
   docsBpiCmAuthState                      INTEGER,
   docsBpiCmAuthKeySequenceNumber          INTEGER,
   docsBpiCmAuthExpires                    DateAndTime,
   docsBpiCmAuthReset                      TruthValue,
   docsBpiCmAuthGraceTime                  INTEGER,
   docsBpiCmTEKGraceTime                   INTEGER,
   docsBpiCmAuthWaitTimeout                INTEGER,
   docsBpiCmReauthWaitTimeout              INTEGER,
   docsBpiCmOpWaitTimeout                  INTEGER,



Expires January 1999                                            [Page 5]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   docsBpiCmRekeyWaitTimeout               INTEGER,
   docsBpiCmAuthRejectWaitTimeout          INTEGER,
   docsBpiCmAuthRequests                   Counter32,
   docsBpiCmAuthReplies                    Counter32,
   docsBpiCmAuthRejects                    Counter32,
   docsBpiCmAuthInvalids                   Counter32,
   docsBpiCmAuthRejectErrorCode            INTEGER,
   docsBpiCmAuthRejectErrorString          DisplayString,
   docsBpiCmAuthInvalidErrorCode           INTEGER,
   docsBpiCmAuthInvalidErrorString         DisplayString
   }

   docsBpiCmPrivacyEnable  OBJECT-TYPE
   SYNTAX                  TruthValue
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "This identifies whether this CM is provisioned to run Baseline
   Privacy. This is analogous to the presence (or absence) of the
   Baseline Privacy Configuration Setting option as described in BPI
   Appendix A.1.1. The status of each individual SID with respect to
   Baseline Privacy is captured in the docsBpiCmTEKPrivacyEnable object.
   Note: this object will be read-write accessible only after the
   ability to start and stop the authorization state machine is
   understood."
   ::= { docsBpiCmBaseEntry 1 }

   docsBpiCmPublicKey      OBJECT-TYPE
   SYNTAX                  OCTET STRING (SIZE (0..97))
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Public key of the CM encoded as an ASN.1 SubjectPublicKeyInfo object
   as defined in the RSA Encryption Standard (PKCS #1) [12]."
   ::= { docsBpiCmBaseEntry 2 }

   docsBpiCmAuthState      OBJECT-TYPE
   SYNTAX                  INTEGER {
                                   start(1),
                                   authWait(2),
                                   authorized(3),
                                   reauthWait(4),
                                   authRejectWait(5)
                           }
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "The state of the CM authorization FSM.  The start state indicates



Expires January 1999                                            [Page 6]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   that FSM is in its initial state."
   ::= { docsBpiCmBaseEntry 3 }

   docsBpiCmAuthKeySequenceNumber  OBJECT-TYPE
   SYNTAX                          INTEGER (0..15)
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "The authorization key sequence number for this FSM."
   ::= { docsBpiCmBaseEntry 4 }

   docsBpiCmAuthExpires    OBJECT-TYPE
   SYNTAX                  DateAndTime
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Actual clock time when the current authorization for this FSM
   expires. If the CM does not have an active authorization, then the
   value is of the expiration date and time of the last active
   authorization."
   ::= { docsBpiCmBaseEntry 5 }

   docsBpiCmAuthReset      OBJECT-TYPE
   SYNTAX                  TruthValue
   MAX-ACCESS              read-write
   STATUS                  current
   DESCRIPTION
   "Setting this object to TRUE generates a Reauthorize event in the
   authorization FSM, as described in section 4.1.2.3.4 of the Baseline
   Privacy Interface Specification. Reading this object always returns
   FALSE."
   ::= { docsBpiCmBaseEntry 6 }

   docsBpiCmAuthGraceTime  OBJECT-TYPE
   SYNTAX                  INTEGER (1..1800)
   UNITS                   "seconds"
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Grace time for an authorization key.  A CM is expected to start
   trying to get a new authorization key beginning AuthGraceTime seconds
   before the authorization key actually expires. The value of this
   object cannot be changed while the authorization state machine is
   running. Note: this object will be read-write accessible only after
   the ability to start and stop the authorization state machine is
   understood."
   ::= { docsBpiCmBaseEntry 7 }




Expires January 1999                                            [Page 7]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   docsBpiCmTEKGraceTime   OBJECT-TYPE
   SYNTAX                  INTEGER (1..1800)
   UNITS                   "seconds"
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Grace time for a TEK.  A CM is expected to start trying to get a new
   TEK beginning TEKGraceTime seconds before the TEK actually expires.
   The value of this object cannot be changed while the authorization
   state machine is running. Note: this object will be read-write
   accessible only after the ability to start and stop the authorization
   state machine is understood."
   ::= { docsBpiCmBaseEntry 8 }

   docsBpiCmAuthWaitTimeout        OBJECT-TYPE
   SYNTAX                          INTEGER (2..30)
   UNITS                           "seconds"
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Authorize Wait Timeout. The value of this object cannot be changed
   while the authorization state machine is running. Note: this object
   will be read-write accessible only after the ability to start and
   stop the authorization state machine is understood."
   ::= { docsBpiCmBaseEntry 9 }

   docsBpiCmReauthWaitTimeout      OBJECT-TYPE
   SYNTAX                          INTEGER (2..30)
   UNITS                           "seconds"
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Reauthorize Wait Timeout in seconds. The value of this object cannot
   be changed while the authorization state machine is running. Note:
   this object will be read-write accessible only after the ability to
   start and stop the authorization state machine is understood."
   ::= { docsBpiCmBaseEntry 10 }

   docsBpiCmOpWaitTimeout  OBJECT-TYPE
   SYNTAX                  INTEGER (1..10)
   UNITS                   "seconds"
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Operational Wait Timeout in seconds. The value of this object cannot
   be changed while the authorization state machine is running. Note:
   this object will be read-write accessible only after the ability to
   start and stop the authorization state machine is understood."



Expires January 1999                                            [Page 8]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   ::= { docsBpiCmBaseEntry 11 }

   docsBpiCmRekeyWaitTimeout       OBJECT-TYPE
   SYNTAX                          INTEGER (1..10)
   UNITS                           "seconds"
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Rekey Wait Timeout in seconds. The value of this object cannot be
   changed while the authorization state machine is running. Note: this
   object will be read-write accessible only after the ability to start
   and stop the authorization state machine is understood."
   ::= { docsBpiCmBaseEntry 12 }

   docsBpiCmAuthRejectWaitTimeout  OBJECT-TYPE
   SYNTAX                          INTEGER (60..1800)
   UNITS                           "seconds"
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Authorization Reject Wait Timeout in seconds. The value of this
   object cannot be changed while the authorization state machine is
   running. Note: this object will be read-write accessible only after
   the ability to start and stop the authorization state machine is
   understood."
   ::= { docsBpiCmBaseEntry 13 }

   docsBpiCmAuthRequests   OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CM has transmitted an Authorization Request
   message."
   ::= { docsBpiCmBaseEntry 14 }

   docsBpiCmAuthReplies    OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CM has received an Authorization Reply message."
   ::= { docsBpiCmBaseEntry 15 }

   docsBpiCmAuthRejects    OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current



Expires January 1999                                            [Page 9]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   DESCRIPTION
   "Count of times the CM has received an Authorization Reject message."
   ::= { docsBpiCmBaseEntry 16 }

   docsBpiCmAuthInvalids   OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CM has received an Authorization Invalid message."
   ::= { docsBpiCmBaseEntry 17 }

   docsBpiCmAuthRejectErrorCode    OBJECT-TYPE
   SYNTAX                          INTEGER {
                                           none(1),
                                           unknown(2),
                                           unauthorizedCm(3),
                                           unauthorizedSid(4)
                                   }
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Error-Code in most recent Authorization Reject message received by
   the CM.  This has value unknown(2) if the last Error-Code value was
   0, and none(1) if no Authorization Reject message has been received
   since reboot."
   ::= { docsBpiCmBaseEntry 18 }

   docsBpiCmAuthRejectErrorString  OBJECT-TYPE
   SYNTAX                          DisplayString (SIZE (0..128))
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Display-String in most recent Authorization Reject message received
   by the CM.  This is a zero length string if no Authorization Reject
   message has been received since reboot."
   ::= { docsBpiCmBaseEntry 19 }

   docsBpiCmAuthInvalidErrorCode   OBJECT-TYPE
   SYNTAX                  INTEGER {
                                   none(1),
                                   unknown(2),
                                   unauthorizedCm(3),
                                   unsolicited(5),
                                   invalidKeySequence(6),
                                   keyRequestAuthenticationFailure(7)
                           }
   MAX-ACCESS              read-only



Expires January 1999                                           [Page 10]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   STATUS                  current
   DESCRIPTION
   "Error-Code in most recent Authorization Invalid message received by
   the CM.  This has value unknown(2) if the last Error-Code value was
   0, and none(1) if no Authorization Invalid message has been received
   since reboot."
   ::= { docsBpiCmBaseEntry 20 }

   docsBpiCmAuthInvalidErrorString OBJECT-TYPE
   SYNTAX                          DisplayString (SIZE (0..128))
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Display-String in most recent Authorization Invalid message received
   by the CM.  This is a zero length string if no Authorization Invalid
   message has been received since reboot."
   ::= { docsBpiCmBaseEntry 21 }

   --
   -- The CM TEK Table, indexed by ifIndex and SID
   --

   docsBpiCmTEKTable       OBJECT-TYPE
   SYNTAX                  SEQUENCE OF     DocsBpiCmTEKEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "Describes the attributes of each CM Traffic Encryption Key (TEK)
   association. The CM maintains (no more than) one TEK association per
   SID per CM MAC interface."
   ::= { docsBpiCmObjects 2 }

   docsBpiCmTEKEntry       OBJECT-TYPE
   SYNTAX                  DocsBpiCmTEKEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "An entry containing objects describing the TEK association attributes
   of one SID. The CM MUST create one entry per unicast or multicast SID,
   regardless of whether the SID was obtained from a Registration
   Response message, from an Authorization Reply message, or from any
   future dynamic SID establishment mechanisms. "
   INDEX                   { ifIndex, docsIfCmServiceId }
   ::= { docsBpiCmTEKTable 1 }

   DocsBpiCmTEKEntry ::= SEQUENCE {
   docsBpiCmTEKPrivacyEnable               TruthValue,
   docsBpiCmTEKState                       INTEGER,



Expires January 1999                                           [Page 11]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   docsBpiCmTEKExpiresOld                  DateAndTime,
   docsBpiCmTEKExpiresNew                  DateAndTime,
   docsBpiCmTEKKeyRequests                 Counter32,
   docsBpiCmTEKKeyReplies                  Counter32,
   docsBpiCmTEKKeyRejects                  Counter32,
   docsBpiCmTEKInvalids                    Counter32,
   docsBpiCmTEKAuthPends                   Counter32,
   docsBpiCmTEKKeyRejectErrorCode          INTEGER,
   docsBpiCmTEKKeyRejectErrorString        DisplayString,
   docsBpiCmTEKInvalidErrorCode            INTEGER,
   docsBpiCmTEKInvalidErrorString          DisplayString
   }

   docsBpiCmTEKPrivacyEnable       OBJECT-TYPE
   SYNTAX                          TruthValue
   MAX-ACCESS                      read-write
   STATUS                          current
   DESCRIPTION
   "This identifies whether this SID is provisioned to run Baseline
   Privacy. This is analogous to enabling Baseline Privacy on a
   provisioned SID using the Class-of-Service Privacy Enable option as
   described in BPI Appendix A.1.2. This object may be set to TRUE or
   FALSE at any time (causing the CM to send a Reauth event to the
   authorization machine), regardless of whether Baseline Privacy is
   enabled for the CM. However, Baseline Privacy is not effectively
   enabled for any SID unless Baseline Privacy is enabled for the CM,
   which is managed via the docsBpiCmPrivacyEnable object."
   ::= { docsBpiCmTEKEntry 1 }

   docsBpiCmTEKState       OBJECT-TYPE
   SYNTAX                  INTEGER {
                                   start (1),
                                   opWait (2),
                                   opReauthWait (3),
                                   operational (4),
                                   rekeyWait (5),
                                   rekeyReauthWait (6)
                           }
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "The state of the indicated TEK FSM. The start(1) state indicates that
   FSM is in its initial state."
   ::= { docsBpiCmTEKEntry 2 }

   docsBpiCmTEKExpiresOld  OBJECT-TYPE
   SYNTAX                  DateAndTime
   MAX-ACCESS              read-only



Expires January 1999                                           [Page 12]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   STATUS                  current
   DESCRIPTION
   "Actual clock time for expiration of the oldest active key for this
   FSM.  If this FSM has no active keys, then the value is of the
   expiration date and time of the last active key."
   ::= { docsBpiCmTEKEntry 3 }

   docsBpiCmTEKExpiresNew  OBJECT-TYPE
   SYNTAX                  DateAndTime
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Actual clock time for expiration of the newest active key for this
   FSM.  If this FSM has no active keys, then the value is of the
   expiration date and time of the last active key."
   ::= { docsBpiCmTEKEntry 4 }

   docsBpiCmTEKKeyRequests OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CM has transmitted a Key Request message."
   ::= { docsBpiCmTEKEntry 5 }

   docsBpiCmTEKKeyReplies  OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CM has received a Key Reply message."
   ::= { docsBpiCmTEKEntry 6 }

   docsBpiCmTEKKeyRejects  OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CM has received a Key Reject message."
   ::= { docsBpiCmTEKEntry 7 }

   docsBpiCmTEKInvalids    OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CM has received a TEK Invalid message."
   ::= { docsBpiCmTEKEntry 8 }



Expires January 1999                                           [Page 13]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   docsBpiCmTEKAuthPends   OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times an Authorization Pending (Auth Pend) event occurred in
   this FSM."
   ::= { docsBpiCmTEKEntry 9 }

   docsBpiCmTEKKeyRejectErrorCode  OBJECT-TYPE
   SYNTAX                          INTEGER {
                                           none(1),
                                           unknown(2),
                                           unauthorizedSid(4)
                                   }
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Error-Code in most recent Key Reject message received by the CM. This
   has value unknown(2) if the last Error-Code value was 0, and none(1)
   if no Key Reject message has been received since reboot."
   ::= { docsBpiCmTEKEntry 10 }

   docsBpiCmTEKKeyRejectErrorString        OBJECT-TYPE
   SYNTAX                                  DisplayString (SIZE (0..128))
   MAX-ACCESS                              read-only
   STATUS                                  current
   DESCRIPTION
   "Display-String in most recent Key Reject message received by the CM.
   This is a zero length string if no Key Reject message has been
   received since reboot."
   ::= { docsBpiCmTEKEntry 11 }

   docsBpiCmTEKInvalidErrorCode    OBJECT-TYPE
   SYNTAX                          INTEGER {
                                           none(1),
                                           unknown(2),
                                           invalidKeySequence(6)
                                   }
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Error-Code in most recent TEK Invalid message received by the CM.
   This has value unknown(2) if the last Error-Code value was 0, and
   none(1) if no TEK Invalid message has been received since reboot."
   ::= { docsBpiCmTEKEntry 12 }

   docsBpiCmTEKInvalidErrorString  OBJECT-TYPE



Expires January 1999                                           [Page 14]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   SYNTAX                          DisplayString (SIZE (0..128))
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Display-String in most recent TEK Invalid message received by the CM.
   This is a zero length string if no TEK Invalid message has been
   received since reboot."
   ::= { docsBpiCmTEKEntry 13 }

   -- Cable Modem Termination System Group

   docsBpiCmtsObjects OBJECT IDENTIFIER ::= { docsBpiMIBObjects 2 }

   --
   -- The BPI base table for CMTSs, indexed by ifIndex
   --

   docsBpiCmtsBaseTable    OBJECT-TYPE
   SYNTAX                  SEQUENCE OF     DocsBpiCmtsBaseEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "Describes the basic Baseline Privacy attributes of each CMTS MAC
   interface."
   ::= { docsBpiCmtsObjects 1 }

   docsBpiCmtsBaseEntry    OBJECT-TYPE
   SYNTAX                  DocsBpiCmtsBaseEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "An entry containing objects describing attributes of one CMTS MAC
   interface. An entry in this table exists for each ifEntry with an
   ifType of docsCableMaclayer(127)."
   INDEX                   { ifIndex }
   ::= { docsBpiCmtsBaseTable 1 }

   DocsBpiCmtsBaseEntry ::= SEQUENCE {
   docsBpiCmtsDefaultAuthLifetime  INTEGER,
   docsBpiCmtsDefaultTEKLifetime   INTEGER,
   docsBpiCmtsDefaultAuthGraceTime INTEGER,
   docsBpiCmtsDefaultTEKGraceTime  INTEGER,
   docsBpiCmtsAuthRequests         Counter32,
   docsBpiCmtsAuthReplies          Counter32,
   docsBpiCmtsAuthRejects          Counter32,
   docsBpiCmtsAuthInvalids         Counter32
   }




Expires January 1999                                           [Page 15]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   docsBpiCmtsDefaultAuthLifetime  OBJECT-TYPE
   SYNTAX                          INTEGER (1..6048000)
   UNITS                           "seconds"
   MAX-ACCESS                      read-write
   STATUS                          current
   DESCRIPTION
   "Default lifetime, in seconds, the CMTS assigns to a new authorization
   key."
   ::= { docsBpiCmtsBaseEntry 1 }

   docsBpiCmtsDefaultTEKLifetime   OBJECT-TYPE
   SYNTAX                          INTEGER (1..604800)
   UNITS                           "seconds"
   MAX-ACCESS                      read-write
   STATUS                          current
   DESCRIPTION
   "Default lifetime, in seconds, the CMTS assigns to a new Traffic
   Encryption Key (TEK)."
   ::= { docsBpiCmtsBaseEntry 2 }

   docsBpiCmtsDefaultAuthGraceTime OBJECT-TYPE
   SYNTAX                          INTEGER (1..1800)
   UNITS                           "seconds"
   MAX-ACCESS                      read-write
   STATUS                          current
   DESCRIPTION
   "Default grace time, in seconds, the CMTS uses for an authorization
   key. This controls how far in advance of authorization key expiration
   that the CMTS is expected to produce the next generation of keying
   material. This value is expected to agree with the Authorization Grace
   Time that the provisioning system provides to CMs."
   ::= { docsBpiCmtsBaseEntry 3 }

   docsBpiCmtsDefaultTEKGraceTime  OBJECT-TYPE
   SYNTAX                          INTEGER (1..1800)
   UNITS                           "seconds"
   MAX-ACCESS                      read-write
   STATUS                          current
   DESCRIPTION
   "Default grace time, in seconds, the CMTS uses for a Traffic
   Encryption Key (TEK). This controls how far in advance of TEK
   expiration that the CMTS is expected to produce the next generation
   of keying material. This value is expected to agree with the TEK Grace
   Time that the provisioning system provides to CMs. Note that this
   object is particularly relevant for multicast SIDs, where multiple
   grace time values cannot be honored."
   ::= { docsBpiCmtsBaseEntry 4 }




Expires January 1999                                           [Page 16]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   docsBpiCmtsAuthRequests OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CMTS has received an Authorization Request message
   from any CM."
   ::= { docsBpiCmtsBaseEntry 5 }

   docsBpiCmtsAuthReplies  OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CMTS has transmitted an Authorization Reply
   message to any CM."
   ::= { docsBpiCmtsBaseEntry 6 }

   docsBpiCmtsAuthRejects  OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CMTS has transmitted an Authorization Reject
   message to any CM."
   ::= { docsBpiCmtsBaseEntry 7 }

   docsBpiCmtsAuthInvalids OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CMTS has transmitted an Authorization Invalid
   message to any CM."
   ::= { docsBpiCmtsBaseEntry 8 }

   --
   -- The CMTS Authorization Table, indexed by ifIndex and CM MAC address
   --

   docsBpiCmtsAuthTable    OBJECT-TYPE
   SYNTAX                  SEQUENCE OF     DocsBpiCmtsAuthEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "Describes the attributes of each CM authorization association. The
   CMTS maintains one authorization association with each Baseline
   Privacy-enabled CM on each CMTS MAC interface."



Expires January 1999                                           [Page 17]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   ::= { docsBpiCmtsObjects 2 }

   docsBpiCmtsAuthEntry    OBJECT-TYPE
   SYNTAX                  DocsBpiCmtsAuthEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "An entry containing objects describing attributes of one
   authorization association. The CMTS MUST create one entry per CM per
   MAC interface, based on the receipt of an Authorization Request
   message, and MUST not delete the entry before the CM authorization
   permanently expires."
   INDEX                   { ifIndex, docsBpiCmtsAuthCmMacAddress }
   ::= { docsBpiCmtsAuthTable 1 }

   DocsBpiCmtsAuthEntry ::= SEQUENCE {
   docsBpiCmtsAuthCmMacAddress             MacAddress,
   docsBpiCmtsAuthCmPublicKey              OCTET STRING,
   docsBpiCmtsAuthCmKeySequenceNumber      INTEGER,
   docsBpiCmtsAuthCmExpires                DateAndTime,
   docsBpiCmtsAuthCmLifetime               INTEGER,
   docsBpiCmtsAuthCmGraceTime              INTEGER,
   docsBpiCmtsAuthCmReset                  INTEGER,
   docsBpiCmtsAuthCmRequests               Counter32,
   docsBpiCmtsAuthCmReplies                Counter32,
   docsBpiCmtsAuthCmRejects                Counter32,
   docsBpiCmtsAuthCmInvalids               Counter32,
   docsBpiCmtsAuthRejectErrorCode          INTEGER,
   docsBpiCmtsAuthRejectErrorString        DisplayString,
   docsBpiCmtsAuthInvalidErrorCode         INTEGER,
   docsBpiCmtsAuthInvalidErrorString       DisplayString
   }

   docsBpiCmtsAuthCmMacAddress     OBJECT-TYPE
   SYNTAX                          MacAddress
   MAX-ACCESS                      not-accessible
   STATUS                          current
   DESCRIPTION
   "The physical address of the CM to which the authorization association
   applies."
   ::= { docsBpiCmtsAuthEntry 1 }

   docsBpiCmtsAuthCmPublicKey      OBJECT-TYPE
   SYNTAX                          OCTET STRING (SIZE (0..97))
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Public key of the CM encoded as an ASN.1 SubjectPublicKeyInfo object



Expires January 1999                                           [Page 18]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   as defined in the RSA Encryption Standard (PKCS #1) [12]. This is a
   zero-length string if the CMTS does not retain the public key."
   ::= { docsBpiCmtsAuthEntry 2 }

   docsBpiCmtsAuthCmKeySequenceNumber      OBJECT-TYPE
   SYNTAX                                  INTEGER (0..15)
   MAX-ACCESS                              read-only
   STATUS                                  current
   DESCRIPTION
   "The authorization key sequence number for this CM."
   ::= { docsBpiCmtsAuthEntry 3 }

   docsBpiCmtsAuthCmExpires        OBJECT-TYPE
   SYNTAX                          DateAndTime
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Actual clock time when the current authorization for this CM expires.
   If this CM does not have an active authorization, then the value is of
   the expiration date and time of the last active authorization."
   ::= { docsBpiCmtsAuthEntry 4 }

   docsBpiCmtsAuthCmLifetime       OBJECT-TYPE
   SYNTAX                          INTEGER (1..6048000)
   UNITS                           "seconds"
   MAX-ACCESS                      read-write
   STATUS                          current
   DESCRIPTION
   "Lifetime, in seconds, the CMTS assigns to an authorization key for
   this CM."
   ::= { docsBpiCmtsAuthEntry 5 }

   docsBpiCmtsAuthCmGraceTime      OBJECT-TYPE
   SYNTAX                          INTEGER (1..1800)
   UNITS                           "seconds"
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Grace time for the authorization key in seconds.  The CM is expected
   to start trying to get a new authorization key beginning AuthGraceTime
   seconds before the authorization key actually expires."
   ::= { docsBpiCmtsAuthEntry 6 }

   docsBpiCmtsAuthCmReset  OBJECT-TYPE
   SYNTAX                  INTEGER {
                                   noResetRequested(1),
                                   invalidateAuth(2),
                                   sendAuthInvalid(3),



Expires January 1999                                           [Page 19]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


                                   invalidateTeks(4)
                           }
   MAX-ACCESS              read-write
   STATUS                  current
   DESCRIPTION
   "Setting this object to invalidateAuth(2) causes the CMTS to
   invalidate the current CM authorization key, but not to transmit an
   Authorization Invalid message nor to invalidate unicast TEKs.  Setting
   this object to sendAuthInvalid(3) causes the CMTS to invalidate the
   current CM authorization key, and to transmit an Authorization Invalid
   message to the CM, but not to invalidate unicast TEKs.  Setting this
   object to invalidateTeks(4) causes the CMTS to invalidate the current
   CM authorization key, to transmit an Authorization Invalid message to
   the CM, and to invalidate all unicast TEKs associated with this CM
   authorization. Reading this object returns the most-recently-set value
   of this object, or returns noResetRequested(1) if the object has not
   been set since the last CMTS reboot."
   ::= { docsBpiCmtsAuthEntry 7 }

   docsBpiCmtsAuthCmRequests       OBJECT-TYPE
   SYNTAX                          Counter32
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Count of times the CMTS has received an Authorization Request message
   from this CM."
   ::= { docsBpiCmtsAuthEntry 8 }

   docsBpiCmtsAuthCmReplies        OBJECT-TYPE
   SYNTAX                          Counter32
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Count of times the CMTS has transmitted an Authorization Reply
   message to this CM."
   ::= { docsBpiCmtsAuthEntry 9 }

   docsBpiCmtsAuthCmRejects        OBJECT-TYPE
   SYNTAX                          Counter32
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Count of times the CMTS has transmitted an Authorization Reject
   message to this CM."
   ::= { docsBpiCmtsAuthEntry 10 }

   docsBpiCmtsAuthCmInvalids       OBJECT-TYPE
   SYNTAX                          Counter32



Expires January 1999                                           [Page 20]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Count of times the CMTS has transmitted an Authorization Invalid
   message to this CM."
   ::= { docsBpiCmtsAuthEntry 11 }

   docsBpiCmtsAuthRejectErrorCode  OBJECT-TYPE
   SYNTAX                  INTEGER {
                                   none(1),
                                   unknown(2),
                                   unauthorizedCm(3),
                                   unauthorizedSid(4)
                           }
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Error-Code in most recent Authorization Reject message transmitted to
   the CM.  This has value unknown(2) if the last Error-Code value was
   0, and none(1) if no Authorization Reject message has been transmitted
   to the CM."
   ::= { docsBpiCmtsAuthEntry 12 }

   docsBpiCmtsAuthRejectErrorString        OBJECT-TYPE
   SYNTAX                                  DisplayString (SIZE (0..128))
   MAX-ACCESS                              read-only
   STATUS                                  current
   DESCRIPTION
   "Display-String in most recent Authorization Reject message
   transmitted to the CM.  This is a zero length string if no
   Authorization Reject message has been transmitted to the CM."
   ::= { docsBpiCmtsAuthEntry 13 }

   docsBpiCmtsAuthInvalidErrorCode OBJECT-TYPE
   SYNTAX                  INTEGER {
                                   none(1),
                                   unknown(2),
                                   unauthorizedCm(3),
                                   unsolicited(5),
                                   invalidKeySequence(6),
                                   keyRequestAuthenticationFailure(7)
                           }
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Error-Code in most recent Authorization Invalid message transmitted
   to the CM.  This has value unknown(2) if the last Error-Code value was
   0, and none(1) if no Authorization Invalid message has been



Expires January 1999                                           [Page 21]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   transmitted to the CM."
   ::= { docsBpiCmtsAuthEntry 14 }

   docsBpiCmtsAuthInvalidErrorString       OBJECT-TYPE
   SYNTAX                                  DisplayString (SIZE (0..128))
   MAX-ACCESS                              read-only
   STATUS                                  current
   DESCRIPTION
   "Display-String in most recent Authorization Invalid message
   transmitted to the CM.  This is a zero length string if no
   Authorization Invalid message has been transmitted to the CM."
   ::= { docsBpiCmtsAuthEntry 15 }

   --
   -- The CMTS TEK Table, indexed by ifIndex and SID
   --

   docsBpiCmtsTEKTable     OBJECT-TYPE
   SYNTAX                  SEQUENCE OF     DocsBpiCmtsTEKEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "Describes the attributes of each CM Traffic Encryption Key (TEK)
   association. The CMTS maintains one TEK association per SID on each
   CMTS MAC interface."
   ::= { docsBpiCmtsObjects 3 }

   docsBpiCmtsTEKEntry     OBJECT-TYPE
   SYNTAX                  DocsBpiCmtsTEKEntry
   MAX-ACCESS              not-accessible
   STATUS                  current
   DESCRIPTION
   "An entry containing objects describing attributes of one TEK
   association on a particular CMTS MAC interface. The CMTS MUST create
   one entry per SID per MAC interface, based on the receipt of an Key
   Request message, and MUST not delete the entry before the CM
   authorization for the SID permanently expires."

   INDEX                   { ifIndex, docsIfCmtsServiceId }
   ::= { docsBpiCmtsTEKTable 1 }

   DocsBpiCmtsTEKEntry ::= SEQUENCE {
   docsBpiCmtsTEKLifetime                  INTEGER,
   docsBpiCmtsTEKGraceTime                 INTEGER,
   docsBpiCmtsTEKExpiresOld                DateAndTime,
   docsBpiCmtsTEKExpiresNew                DateAndTime,
   docsBpiCmtsTEKReset                     TruthValue,
   docsBpiCmtsKeyRequests                  Counter32,



Expires January 1999                                           [Page 22]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   docsBpiCmtsKeyReplies                   Counter32,
   docsBpiCmtsKeyRejects                   Counter32,
   docsBpiCmtsTEKInvalids                  Counter32,
   docsBpiCmtsKeyRejectErrorCode           INTEGER,
   docsBpiCmtsKeyRejectErrorString         DisplayString,
   docsBpiCmtsTEKInvalidErrorCode          INTEGER,
   docsBpiCmtsTEKInvalidErrorString        DisplayString
   }

   docsBpiCmtsTEKLifetime  OBJECT-TYPE
   SYNTAX                  INTEGER (1..604800)
   UNITS                   "seconds"
   MAX-ACCESS              read-write
   STATUS                  current
   DESCRIPTION
   "Lifetime, in seconds, the CMTS assigns to keys for this TEK
   association."
   ::= { docsBpiCmtsTEKEntry 1 }

   docsBpiCmtsTEKGraceTime OBJECT-TYPE
   SYNTAX                  INTEGER (1..1800)
   UNITS                   "seconds"
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Grace time for the TEK in seconds.  The CM is expected to start
   trying to get a new TEK beginning TEKGraceTime seconds before the TEK
   actually expires."
   ::= { docsBpiCmtsTEKEntry 2 }

   docsBpiCmtsTEKExpiresOld        OBJECT-TYPE
   SYNTAX                  DateAndTime
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Actual clock time for expiration of the oldest active key for this
   TEK association.  If this TEK association has no active keys, then the
   value is of the expiration date and time of the last active key."
   ::= { docsBpiCmtsTEKEntry 3 }

   docsBpiCmtsTEKExpiresNew        OBJECT-TYPE
   SYNTAX                          DateAndTime
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Actual clock time for expiration of the newest active key for this
   TEK association.  If this TEK association has no active keys, then the
   value is of the expiration date and time of the last active key."



Expires January 1999                                           [Page 23]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   ::= { docsBpiCmtsTEKEntry 4 }

   docsBpiCmtsTEKReset     OBJECT-TYPE
   SYNTAX                  TruthValue
   MAX-ACCESS              read-write
   STATUS                  current
   DESCRIPTION
   "Setting this object to TRUE causes the CMTS to invalidate the current
   active TEK(s) (plural due to key transition periods), and to generate
   a new TEK for the associated SID. Reading this object always returns
   FALSE."
   ::= { docsBpiCmtsTEKEntry 5 }

   docsBpiCmtsKeyRequests  OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CMTS has received a Key Request message."
   ::= { docsBpiCmtsTEKEntry 6 }

   docsBpiCmtsKeyReplies   OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CMTS has transmitted a Key Reply message."
   ::= { docsBpiCmtsTEKEntry 7 }

   docsBpiCmtsKeyRejects   OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CMTS has transmitted a Key Reject message."
   ::= { docsBpiCmtsTEKEntry 8 }

   docsBpiCmtsTEKInvalids  OBJECT-TYPE
   SYNTAX                  Counter32
   MAX-ACCESS              read-only
   STATUS                  current
   DESCRIPTION
   "Count of times the CMTS has transmitted a TEK Invalid message."
   ::= { docsBpiCmtsTEKEntry 9 }

   docsBpiCmtsKeyRejectErrorCode   OBJECT-TYPE
   SYNTAX                          INTEGER {
                                           none(1),



Expires January 1999                                           [Page 24]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


                                           unknown(2),
                                           unauthorizedSid(4)
                                   }
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Error-Code in the most recent Key Reject message sent in response to
   a Key Request for this BPI SID. This has value unknown(2) if the last
   Error-Code value was 0, and none(1) if no Key Reject message has been
   received since reboot."
   ::= { docsBpiCmtsTEKEntry 10 }

   docsBpiCmtsKeyRejectErrorString OBJECT-TYPE
   SYNTAX                          DisplayString (SIZE (0..128))
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Display-String in the most recent Key Reject message sent in response
   to a Key Request for this BPI SID.  This is a zero length string if no
   Key Reject message has been received since reboot."
   ::= { docsBpiCmtsTEKEntry 11 }

   docsBpiCmtsTEKInvalidErrorCode  OBJECT-TYPE
   SYNTAX                          INTEGER {
                                           none(1),
                                           unknown(2),
                                           invalidKeySequence(6)
                                   }
   MAX-ACCESS                      read-only
   STATUS                          current
   DESCRIPTION
   "Error-Code in the most recent TEK Invalid message sent in association
   with this BPI SID.  This has value unknown(2) if the last Error-Code
   value was 0, and none(1) if no TEK Invalid message has been received
   since reboot."
   ::= { docsBpiCmtsTEKEntry 12 }

   docsBpiCmtsTEKInvalidErrorString        OBJECT-TYPE
   SYNTAX                                  DisplayString (SIZE (0..128))
   MAX-ACCESS                              read-only
   STATUS                                  current
   DESCRIPTION
   "Display-String in the most recent TEK Invalid message sent in
   association with this BPI SID.  This is a zero length string if no TEK
   Invalid message has been received since reboot."
   ::= { docsBpiCmtsTEKEntry 13 }

   --



Expires January 1999                                           [Page 25]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   -- The CMTS Multicast Control Group
   --

   docsBpiMulticastControl OBJECT IDENTIFIER ::= { docsBpiCmtsObjects 4 }

   --
   -- The CMTS IP Multicast Mapping Table, indexed by IP multicast
   -- address and prefix, and by ifindex
   --

   docsBpiIpMulticastMapTable      OBJECT-TYPE
   SYNTAX                          SEQUENCE OF DocsBpiIpMulticastMapEntry
   MAX-ACCESS                      not-accessible
   STATUS                          current
   DESCRIPTION
   "Describes the mapping of IP multicast address prefixes to multicast
   SIDs on each CMTS MAC interface."
   ::= { docsBpiMulticastControl 1 }

   docsBpiIpMulticastMapEntry      OBJECT-TYPE
   SYNTAX                          DocsBpiIpMulticastMapEntry
   MAX-ACCESS                      not-accessible
   STATUS                          current
   DESCRIPTION
   "An entry containing objects describing the mapping of one IP
   multicast address prefix to one multicast SID on one CMTS MAC
   interface. The CMTS uses the mapping when forwarding downstream IP
   multicast traffic."
   INDEX                           { ifIndex, docsBpiIpMulticastAddress,
                                     docsBpiIpMulticastPrefixLength }
   ::= { docsBpiIpMulticastMapTable 1 }

   DocsBpiIpMulticastMapEntry ::= SEQUENCE {
   docsBpiIpMulticastAddress       IpAddress,
   docsBpiIpMulticastPrefixLength  INTEGER,
   docsBpiIpMulticastServiceId     INTEGER,
   docsBpiIpMulticastMapControl    RowStatus
   }

   docsBpiIpMulticastAddress       OBJECT-TYPE
   SYNTAX                          IpAddress
   MAX-ACCESS                      not-accessible
   STATUS                          current
   DESCRIPTION
   "The IP multicast address (prefix) to be mapped."
   ::= { docsBpiIpMulticastMapEntry 1 }

   docsBpiIpMulticastPrefixLength  OBJECT-TYPE



Expires January 1999                                           [Page 26]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   SYNTAX                          INTEGER (0..32)
   MAX-ACCESS                      not-accessible
   STATUS                          current
   DESCRIPTION
   "The IP multicast address prefix length to be mapped."
   ::= { docsBpiIpMulticastMapEntry 2 }

   docsBpiIpMulticastServiceId     OBJECT-TYPE
   SYNTAX                          INTEGER (8192..16368)
   MAX-ACCESS                      read-create
   STATUS                          current
   DESCRIPTION
   "The multicast SID to be used in this IP multicast address prefix
   mapping entry."
   -- DEFVAL is unused multicast SID value chosen by CMTS.
   ::= { docsBpiIpMulticastMapEntry 3 }

   docsBpiIpMulticastMapControl    OBJECT-TYPE
   SYNTAX                          RowStatus
   MAX-ACCESS                      read-create
   STATUS                          current
   DESCRIPTION
   "Controls and reflects the IP multicast address prefix mapping entry."
   ::= { docsBpiIpMulticastMapEntry 4 }

   --
   -- The CMTS Multicast SID Authorization Table, indexed by ifIndex by
   -- multicast SID by CM MAC address
   --

   docsBpiMulticastAuthTable       OBJECT-TYPE
   SYNTAX                          SEQUENCE OF DocsBpiMulticastAuthEntry
   MAX-ACCESS                      not-accessible
   STATUS                          current
   DESCRIPTION
   "Describes the multicast SID authorization for each CM on each CMTS
   MAC interface."
   ::= { docsBpiMulticastControl 2 }

   docsBpiMulticastAuthEntry       OBJECT-TYPE
   SYNTAX                          DocsBpiMulticastAuthEntry
   MAX-ACCESS                      not-accessible
   STATUS                          current
   DESCRIPTION
   "An entry containing objects describing the key authorization of one
   cable modem for one multicast SID for one CMTS MAC interface."
   INDEX                           { ifIndex, docsBpiMulticastServiceId,
                                     docsBpiMulticastCmMacAddress }



Expires January 1999                                           [Page 27]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   ::= { docsBpiMulticastAuthTable 1 }

   DocsBpiMulticastAuthEntry ::= SEQUENCE {
   docsBpiMulticastServiceId       INTEGER,
   docsBpiMulticastCmMacAddress    MacAddress,
   docsBpiMulticastAuthControl     RowStatus
   }

   docsBpiMulticastServiceId       OBJECT-TYPE
   SYNTAX                          INTEGER (8192..16368)
   MAX-ACCESS                      not-accessible
   STATUS                          current
   DESCRIPTION
   "The multicast SID for authorization."
   ::= { docsBpiMulticastAuthEntry 1 }

   docsBpiMulticastCmMacAddress    OBJECT-TYPE
   SYNTAX                          MacAddress
   MAX-ACCESS                      not-accessible
   STATUS                          current
   DESCRIPTION
   "The MAC address of the CM to which the multicast SID authorization
   applies."
   ::= { docsBpiMulticastAuthEntry 2 }

   docsBpiMulticastAuthControl     OBJECT-TYPE
   SYNTAX                          RowStatus
   MAX-ACCESS                      read-create
   STATUS                          current
   DESCRIPTION
   "Controls and reflects the CM authorization for each multicast SID."
   ::= { docsBpiMulticastAuthEntry 3 }

   --
   -- The BPI MIB Conformance Statements (with a placeholder for
   -- notifications)
   --

   docsBpiNotification     OBJECT IDENTIFIER ::= { docsBpiMIB 2 }
   docsBpiConformance      OBJECT IDENTIFIER ::= { docsBpiMIB 3 }
   docsBpiCompliances      OBJECT IDENTIFIER ::= { docsBpiConformance 1 }
   docsBpiGroups           OBJECT IDENTIFIER ::= { docsBpiConformance 2 }

   docsBpiBasicCompliance MODULE-COMPLIANCE
   STATUS          current
   DESCRIPTION
   "The compliance statement for devices which implement the DOCS
   Baseline Privacy Interface."



Expires January 1999                                           [Page 28]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   MODULE  -- docsBpiMIB

   -- conditionally mandatory group
   GROUP   docsBpiCmGroup
   DESCRIPTION
   "This group is implemented only in CMs, not in CMTSs."

   -- conditionally mandatory group
   GROUP   docsBpiCmtsGroup
   DESCRIPTION
    "This group is implemented only in CMTSs, not in CMs."

   -- relaxation on mandatory range
   OBJECT  docsBpiCmAuthGraceTime
   SYNTAX  INTEGER (300..1800)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   -- relaxation on mandatory range
   OBJECT  docsBpiCmTEKGraceTime
   SYNTAX  INTEGER (300..1800)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   -- relaxation on mandatory range
   OBJECT  docsBpiCmtsDefaultAuthLifetime
   SYNTAX  INTEGER (86400..6048000)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   -- relaxation on mandatory range
   OBJECT  docsBpiCmtsDefaultTEKLifetime
   SYNTAX  INTEGER (1800..604800)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   -- relaxation on mandatory range
   OBJECT  docsBpiCmtsDefaultAuthGraceTime
   SYNTAX  INTEGER (300..1800)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   -- relaxation on mandatory range



Expires January 1999                                           [Page 29]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   OBJECT  docsBpiCmtsDefaultTEKGraceTime
   SYNTAX  INTEGER (300..1800)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   -- relaxation on mandatory range
   OBJECT  docsBpiCmtsAuthCmLifetime
   SYNTAX  INTEGER (86400..6048000)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   -- relaxation on mandatory range
   OBJECT  docsBpiCmtsAuthCmGraceTime
   SYNTAX  INTEGER (300..1800)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   -- relaxation on mandatory range
   OBJECT  docsBpiCmtsTEKLifetime
   SYNTAX  INTEGER (1800..604800)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   -- relaxation on mandatory range
   OBJECT  docsBpiCmtsTEKGraceTime
   SYNTAX  INTEGER (300..1800)
   DESCRIPTION
   "The refined range corresponds to the minimum and maximum values in
   operational networks, according to Appendix A.2 in [7]."

   ::= { docsBpiCompliances 1 }

   docsBpiCmGroup  OBJECT-GROUP
   OBJECTS {
   docsBpiCmPrivacyEnable,
   docsBpiCmPublicKey,
   docsBpiCmAuthState,
   docsBpiCmAuthKeySequenceNumber,
   docsBpiCmAuthExpires,
   docsBpiCmAuthReset,
   docsBpiCmAuthGraceTime,
   docsBpiCmTEKGraceTime,
   docsBpiCmAuthWaitTimeout,
   docsBpiCmReauthWaitTimeout,



Expires January 1999                                           [Page 30]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   docsBpiCmOpWaitTimeout,
   docsBpiCmRekeyWaitTimeout,
   docsBpiCmAuthRejectWaitTimeout,
   docsBpiCmAuthRequests,
   docsBpiCmAuthReplies,
   docsBpiCmAuthRejects,
   docsBpiCmAuthInvalids,
   docsBpiCmAuthRejectErrorCode,
   docsBpiCmAuthRejectErrorString,
   docsBpiCmAuthInvalidErrorCode,
   docsBpiCmAuthInvalidErrorString,
   docsBpiCmTEKPrivacyEnable,
   docsBpiCmTEKState,
   docsBpiCmTEKExpiresOld,
   docsBpiCmTEKExpiresNew,
   docsBpiCmTEKKeyRequests,
   docsBpiCmTEKKeyReplies,
   docsBpiCmTEKKeyRejects,
   docsBpiCmTEKInvalids,
   docsBpiCmTEKAuthPends,
   docsBpiCmTEKKeyRejectErrorCode,
   docsBpiCmTEKKeyRejectErrorString,
   docsBpiCmTEKInvalidErrorCode,
   docsBpiCmTEKInvalidErrorString
   }
   STATUS                  current
   DESCRIPTION
   "A collection of objects providing CM BPI status and control."
   ::= { docsBpiGroups 1 }

   docsBpiCmtsGroup        OBJECT-GROUP
   OBJECTS {
   docsBpiCmtsDefaultAuthLifetime,
   docsBpiCmtsDefaultTEKLifetime,
   docsBpiCmtsDefaultAuthGraceTime,
   docsBpiCmtsDefaultTEKGraceTime,
   docsBpiCmtsAuthRequests,
   docsBpiCmtsAuthReplies,
   docsBpiCmtsAuthRejects,
   docsBpiCmtsAuthInvalids,
   docsBpiCmtsAuthCmPublicKey,
   docsBpiCmtsAuthCmKeySequenceNumber,
   docsBpiCmtsAuthCmExpires,
   docsBpiCmtsAuthCmLifetime,
   docsBpiCmtsAuthCmGraceTime,
   docsBpiCmtsAuthCmReset,
   docsBpiCmtsAuthCmRequests,
   docsBpiCmtsAuthCmReplies,



Expires January 1999                                           [Page 31]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   docsBpiCmtsAuthCmRejects,
   docsBpiCmtsAuthCmInvalids,
   docsBpiCmtsAuthRejectErrorCode,
   docsBpiCmtsAuthRejectErrorString,
   docsBpiCmtsAuthInvalidErrorCode,
   docsBpiCmtsAuthInvalidErrorString,
   docsBpiCmtsTEKLifetime,
   docsBpiCmtsTEKGraceTime,
   docsBpiCmtsTEKExpiresOld,
   docsBpiCmtsTEKExpiresNew,
   docsBpiCmtsTEKReset,
   docsBpiCmtsKeyRequests,
   docsBpiCmtsKeyReplies,
   docsBpiCmtsKeyRejects,
   docsBpiCmtsTEKInvalids,
   docsBpiCmtsKeyRejectErrorCode,
   docsBpiCmtsKeyRejectErrorString,
   docsBpiCmtsTEKInvalidErrorCode,
   docsBpiCmtsTEKInvalidErrorString,
   docsBpiIpMulticastServiceId,
   docsBpiIpMulticastMapControl,
   docsBpiMulticastAuthControl
   }
   STATUS          current
   DESCRIPTION
   "A collection of objects providing CMTS BPI status and control."
   ::= { docsBpiGroups 2 }

   END

5.  Acknowledgments

   This document was produced by the IPCDN Working Group.  Much of the
   content of this MIB was conceived by Chet Birger from Yas Corporation,
   and Mike StJohns from @Home Network.

6.  References

   [1]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
        S. Waldbusser, "Structure of Management Information for Version 2
        of the Simple Network Management Protocol (SNMPv2)", RFC 1902,
        January 1996.

   [2]  McCloghrie, K., and M. Rose, Editors, "Management Information
        Base for Network Management of TCP/IP-based internets: MIB-II",
        STD 17, RFC 1213, March 1991.

   [3]  Case, J., Fedor, M., Schoffstall, M., and J. Davin, "A Simple



Expires January 1999                                           [Page 32]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


        Network Management Protocol (SNMP)", STD 15, RFC 1157, May 1990.

   [4]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M. and
        S. Waldbusser, "Protocol Operations for Version 2 of the Simple
        Network Management Protocol (SNMPv2)", RFC 1905, January 1996.

   [5]  Roeck, G., editor, "Radio Frequency (RF) Interface Management
        Information Base for MCNS compliant RF Interfaces", Internet
        draft draft-ietf-ipcdn-rf-interface-mib-04.txt, May 1998.

   [6]  Roeck, G., editor, "Cable Device Management Information
        Base for MCNS compliant Cable Modems and Cable Modem
        Termination Systems", Internet draft
        draft-ietf-ipcdn-cable-device-mib-04.txt, May 1998.

   [7]  "MCNS Data Over Cable Services, Baseline Privacy Interface
        Specification, SP-BPI-I01-970922", CableLabs, September 1997.

   [8]  "MCNS Data Over Cable Services, Radio Frequency Interface
        Specification, SP-RFI-I02-971008", CableLabs, October 1997.

   [9]  "MCNS Data Over Cable Services, OSSI Specification, RF Interface,
        SP-OSSI-RFI-I02-980410", CableLabs, April 1998.

   [10] RSA Laboratories, "The Public-Key Cryptography Standards",
        RSA Data Security Inc., Redwood City, CA.

   [11] Harrington, D., Presuhn, R., and Wijnen, B., "An Architecture
        for Describing SNMP Management Frameworks", RFC 2271, January
        1998.

7.  Security Considerations

   The Baseline Privacy Interface provides data encryption for MCNS
   data-over-cable services.  Baseline Privacy-capable cable modems have
   RSA private/public key pairs installed by manufacturers.  The public
   key is used to encrypt an Authorization key, and the Authorization
   key is used to encrypt one or more Traffic Encryption Keys (TEKs).
   The TEKs are used to encrypt both upstream and downstream data
   traffic.  Please refer to [7] to obtain further information on the
   Baseline Privacy specification.

   In particular, the Baseline Privacy Interface does not provide an
   authentication service.  CMTS implementors are encouraged not to rely
   on the MAC address of the CM for service authorization (in
   particular, for the docsBpiMulticastAuthTable in this MIB), without
   verifying the association between the MAC address and the RSA public
   key.  The mechanism to verify the MAC address to RSA public key



Expires January 1999                                           [Page 33]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   association is beyond the scope of this specification.

   This MIB specification contains a number of read-write objects, that
   should be protected from unauthorized modification to prevent denial
   of service and theft of service attacks: in particular, objects that
   manage enabling/disabling privacy (ex. docsBpiCmTEKPrivacyEnable),
   resetting state machines (ex. docsBpiCmAuthReset), key lifetimes (ex.
   docsBpiCmtsDefaultAuthLifetime), rekeying grace times (ex.
   docsBpiCmtsDefaultAuthGraceTime), and multicast traffic control (i.e.
   any object in the docsBpiMulticastControl group).

   The desired means to protect these objects from unwarranted access is
   to implement the SNMPv3 Management Frameworks [11] on CMs and CMTSs,
   with implementations of a Security Model and an Access Control Model
   that satisfy the security and access control needs of the cable
   service provider.  SNMPv3 agent implementations are currently not
   required for the MCNS data over cable service.

   Other means to protect CMs from unauthorized access include using the
   docsDevNmAccessTable from the Cable Device MIB [6] to disallow
   configuration changes from unauthorized network management stations,
   and using the SNMP MIB Object and SNMP Write-Access Control
   configuration file options from the Radio Frequency Interface [8] to
   set MIB object values and disable SNMP SET operations at cable modem
   boot time.  Note that these mechanisms may be vulnerable to an
   unauthorized network management station "spoofing" the source address
   of a legitimate network management station.

8.  Author's Address

      Richard Woundy
      American Internet Corporation
      4 Preston Court
      Bedford, MA 01730
      U.S.A.

      Phone: +1 781 276 4509
      Email: rwoundy@american.com

9.  Copyright Statement

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are



Expires January 1999                                           [Page 34]


INTERNET-DRAFT         MCNS Baseline Privacy MIB               July 1998


   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."

































Expires January 1999                                           [Page 35]