Uniform Resource Identifier (URI) Scheme for the Simple Network Management Protocol (SNMP)
Note: This ballot was opened for revision 09 and is now closed.
(Steven Bellovin) Discuss
Discuss (2004-11-12 for -)
The security considerations section needs to be revised. All but the first paragarph is standard MIB boilerplate, which doesn't really fit here -- this isn't a MIB, it's a way to represent them. What needs to be said is this: The communication paths from the URI user to the gateway and from the gateway to the SNMP agent need to be secured appropriately. In particular, the gateway needs to either have a priori knowledge of the SNMP security mechanisms that should be applied, or the information must be supplied to it by the querier with the request. In this case, all requests to the gateway must be integrity-protected.
(Ted Hardie) Yes
(Bert Wijnen) Yes
(Harald Alvestrand) No Objection
Comment (2004-10-28 for -)
Reviewed by Joel Halpern, Gen-ART His review: This draft is basically ready for publication as a Proposed Standard RFC, but has nits that I think should be clarified before publication. minor: This document specifically uses URIs with a second double-slash in them - snmp://<host>//<oid> And then goes on to say roughly, ~if this does not work, the URI parser is broken. Fix it.~ In working on other efforts, we have been cautioned against this construct, and told that it may cause trouble for proxies / parsers. I am not enough of an HTTP / URI expert to know whether the usage in this document is safe.