summaryrefslogtreecommitdiffstats
path: root/Schemas/CIM228/DMTF/IPsecPolicy/CIM_IKEProposal.mof
diff options
context:
space:
mode:
authorvenkat.puvvada <venkat.puvvada>2011-02-17 14:16:11 +0000
committervenkat.puvvada <venkat.puvvada>2011-02-17 14:16:11 +0000
commit4681c0f594d929037d507ca37befaf25088dc309 (patch)
treece98396f47a4aea22651ca5d83722e0eb7b2163b /Schemas/CIM228/DMTF/IPsecPolicy/CIM_IKEProposal.mof
parent366071f7bcb2b998f9b940b0913c6438c1064ddc (diff)
downloadtog-pegasus-4681c0f594d929037d507ca37befaf25088dc309.zip
tog-pegasus-4681c0f594d929037d507ca37befaf25088dc309.tar.gz
tog-pegasus-4681c0f594d929037d507ca37befaf25088dc309.tar.xz
BUG#: 8931
TITLE: Add Schema 2.28 to the cvs DESCRIPTION:
Diffstat (limited to 'Schemas/CIM228/DMTF/IPsecPolicy/CIM_IKEProposal.mof')
-rw-r--r--Schemas/CIM228/DMTF/IPsecPolicy/CIM_IKEProposal.mof159
1 files changed, 159 insertions, 0 deletions
diff --git a/Schemas/CIM228/DMTF/IPsecPolicy/CIM_IKEProposal.mof b/Schemas/CIM228/DMTF/IPsecPolicy/CIM_IKEProposal.mof
new file mode 100644
index 0000000..6c099b1
--- /dev/null
+++ b/Schemas/CIM228/DMTF/IPsecPolicy/CIM_IKEProposal.mof
@@ -0,0 +1,159 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::IPsecPolicy" ),
+ Description (
+ "IKEProposal contains the parameters necessary to drive the "
+ "phase 1 IKE negotiation." ),
+ MappingStrings { "IPSP Policy Model.IETF|IKEProposal" }]
+class CIM_IKEProposal : CIM_SAProposal {
+
+ [Description (
+ "MaxLifetimeSeconds specifies the maximum time the IKE "
+ "message sender proposes for an SA to be considered valid "
+ "after it has been created. A value of zero indicates "
+ "that the default of 8 hours be used. A non-zero value "
+ "indicates the maximum seconds lifetime." ),
+ Units ( "Seconds" ),
+ MappingStrings {
+ "IPSP Policy Model.IETF|IKEProposal.MaxLifetimeSeconds" },
+ ModelCorrespondence {
+ "CIM_SecurityAssociationEndpoint.LifetimeSeconds" },
+ PUnit ( "second" )]
+ uint64 MaxLifetimeSeconds;
+
+ [Description (
+ "MaxLifetimeKilobytes specifies the maximum kilobyte "
+ "lifetime the IKE message sender proposes for an SA to be "
+ "considered valid after it has been created. A value of "
+ "zero (the default) indicates that there should be no "
+ "maximum kilobyte lifetime. A non-zero value specifies "
+ "the desired kilobyte lifetime." ),
+ Units ( "KiloBytes" ),
+ MappingStrings {
+ "IPSP Policy Model.IETF|IKEProposal.MaxLifetimeKilobytes" },
+ ModelCorrespondence {
+ "CIM_SecurityAssociationEndpoint.LifetimeKilobytes" },
+ PUnit ( "byte * 10^3" )]
+ uint64 MaxLifetimeKilobytes;
+
+ [Description (
+ "CipherAlgorithm is an enumeration that specifies the "
+ "proposed encryption algorithm. The list of algorithms "
+ "was generated from Appendix A of RFC2409. Note that the "
+ "enumeration is different than the RFC list and aligns "
+ "with the values in IKESAEndpoint.CipherAlgorithm." ),
+ ValueMap { "1", "2", "3", "4", "5", "6", "7", "8..65000",
+ "65001..65535" },
+ Values { "Other", "DES", "IDEA", "Blowfish", "RC5", "3DES",
+ "CAST", "DMTF/IANA Reserved", "Vendor Reserved" },
+ MappingStrings {
+ "IPSP Policy Model.IETF|IKEProposal.CipherAlgorithm",
+ "RFC2409.IETF|Appendix A" },
+ ModelCorrespondence { "CIM_IKESAEndpoint.CipherAlgorithm",
+ "CIM_IKEProposal.OtherCipherAlgorithm" }]
+ uint16 CipherAlgorithm;
+
+ [Description (
+ "Description of the encryption algorithm when the value 1 "
+ "(\"Other\") is specified for the property, "
+ "CipherAlgorithm." ),
+ ModelCorrespondence {
+ "CIM_IKESAEndpoint.OtherCipherAlgorithm",
+ "CIM_IKEProposal.CipherAlgorithm" }]
+ string OtherCipherAlgorithm;
+
+ [Description (
+ "HashAlgorithm is an enumeration that specifies the "
+ "proposed hash function. The list of algorithms was "
+ "generated from Appendix A of RFC2409. Note that the "
+ "enumeration is different than the RFC list and aligns "
+ "with the values in IKESAEndpoint.HashAlgorithm." ),
+ ValueMap { "1", "2", "3", "4", "5..65000", "65001..65535" },
+ Values { "Other", "MD5", "SHA-1", "Tiger",
+ "DMTF/IANA Reserved", "Vendor Reserved" },
+ MappingStrings {
+ "IPSP Policy Model.IETF|IKEProposal.HashAlgorithm",
+ "RFC2409.IETF|Appendix A" },
+ ModelCorrespondence { "CIM_IKESAEndpoint.HashAlgorithm",
+ "CIM_IKEProposal.OtherHashAlgorithm" }]
+ uint16 HashAlgorithm;
+
+ [Description (
+ "Description of the hash function when the value 1 "
+ "(\"Other\") is specified for the property, "
+ "HashAlgorithm." ),
+ ModelCorrespondence { "CIM_IKESAEndpoint.OtherHashAlgorithm",
+ "CIM_IKEProposal.HashAlgorithm" }]
+ string OtherHashAlgorithm;
+
+ [Description (
+ "AuthenticationMethod is an enumeration that specifies "
+ "the proposed authentication. The list of methods was "
+ "generated from Appendix A of RFC2409. Note that the "
+ "enumeration is different than the RFC list and aligns "
+ "with the values in IKESAEndpoint.AuthenticationMethod. "
+ "There is one change to the list - the value 65000 has "
+ "special meaning. It is a special value that indicates "
+ "that this particular proposal should be repeated once "
+ "for each authentication method corresponding to "
+ "credentials installed on the machine. For example, if "
+ "the system has a pre-shared key and an public-key "
+ "certificate, a proposal list would be constructed which "
+ "includes a proposal that specifies a pre-shared key and "
+ "a proposal for any of the public-key certificates." ),
+ ValueMap { "1", "2", "3", "4", "5", "6", "7..64999", "65000",
+ "65001..65535" },
+ Values { "Other", "Pre-shared Key", "DSS Signatures",
+ "RSA Signatures", "Encryption with RSA",
+ "Revised Encryption with RSA", "DMTF/IANA Reserved",
+ "Any", "Vendor Reserved" },
+ MappingStrings {
+ "IPSP Policy Model.IETF|IKEProposal.AuthenticationMethod",
+ "RFC2409.IETF|Appendix A" },
+ ModelCorrespondence {
+ "CIM_IKESAEndpoint.AuthenticationMethod",
+ "CIM_IKEProposal.OtherAuthenticationMethod" }]
+ uint16 AuthenticationMethod;
+
+ [Description (
+ "Description of the method when the value 1 (\"Other\") "
+ "is specified for the property, AuthenticationMethod." ),
+ ModelCorrespondence {
+ "CIM_IKESAEndpoint.OtherAuthenticationMethod",
+ "CIM_IKEProposal.AuthenticationMethod" }]
+ string OtherAuthenticationMethod;
+
+ [Description (
+ "The property GroupId specifies the proposed phase 1 "
+ "security association key exchange group. This property "
+ "is ignored for all aggressive mode exchanges "
+ "(IKEAction.ExchangeMode = 4). If the GroupID number is "
+ "from the vendor-specific range (32768-65535), the "
+ "property VendorID qualifies the group number. Well-known "
+ "group identifiers from RFC2412, Appendix E, are: Group "
+ "1=\'768 bit prime\', Group 2=\'1024 bit prime\', Group 3 "
+ "=\'Elliptic Curve Group with 155 bit field element\', "
+ "Group 4= \'Large Elliptic Curve Group with 185 bit field "
+ "element\', and Group 5=\'1536 bit prime\'." ),
+ ValueMap { "0", "1", "2", "3", "4", "5", "..", "0x8000.." },
+ Values { "No Group/Non-Diffie-Hellman Exchange",
+ "DH-768 bit prime", "DH-1024 bit prime",
+ "EC2N-155 bit field element",
+ "EC2N-185 bit field element", "DH-1536 bit prime",
+ "Standard Group - Reserved", "Vendor Reserved" },
+ MappingStrings {
+ "IPSP Policy Model.IETF|IKEProposal.GroupID",
+ "RFC2412.IETF|Appendix E" },
+ ModelCorrespondence { "CIM_IKESAEndpoint.GroupID",
+ "CIM_IKEProposal.VendorID" }]
+ uint16 GroupId;
+
+ [Description (
+ "VendorID identifies the vendor when the value of GroupID "
+ "is in the vendor-specific range, 32768 to 65535." ),
+ ModelCorrespondence { "CIM_IKESAEndpoint.VendorID",
+ "CIM_IKEProposal.GroupId" }]
+ string VendorID;
+
+
+};