After several years of research and development, three RFCs were published in July 1992 dealing with SNMP Security and the administrative framework. This effort took much longer than was expected. There were many complaints about the complexity of the resulting design.
These documents were implemented by a few vendors but these implementations were never widely deployed because the efforts to define SNMPv2 started that same month. The industry wanted to have a single transition from SNMPv1 without security to SNMPv2 with security, and the efforts were merged.
The initial SNMPv2 standardization efforts culminated in April 1993 with the publication of 12 documents totaling about 400 pages of specifications which were proclaimed to have Proposed Standard status by the Internet Engineering Steering Group (IESG), which is the relevant committee of the Internet Engineering Task Force (IETF). The Working Group, having concluded its charter, officially went dormant at that time although work continued on implementations and discussions continued on the mailing list.
Although SNMPv2 was granted Proposed Standard status by the IETF, it was not accepted by the industry as a de facto standard in that few vendors included SNMPv2 in their products. There were many complaints about the complexity of the design of the security and administrative framework. While these aspects had been shown to be implementable and interoperable, they were often criticized as too complex for the average network administrator to deploy, configure, and use.
The Working Group was rechartered in late 1994 to prepare a recommendation to the IESG with regard to the SNMPv2 document set and possible advancement from Proposed Standard status to Draft Standard status.
At the initial meeting of the rechartered Working Group held in San Jose in December 1994, there were several people who argued that changes need to be made to the administrative framework in order to make it easier to configure and use. However, the group decided that there would be no fundamental changes to the administrative framework or security, in part in response to an impassioned plea from Marshall Rose that making drastic changes to the administrative framework at this time would be "looney tunes."
The Working Group met on multiple occasions, revising eleven of the original documents, deferring one to a future working group, and adding five new documents, producing a total of approximately 450 pages of specifications by early June 1995, about two months past the scheduled conclusion of the Working Group charter of March 1995.
Two of the primary SNMPv2 authors (Rose and McCloghrie) had nagging concerns about the resulting specifications which led their proposal for a complete replacement of the security aspects and administrative framework with a user-based administrative framework. The deadline for completion was extended by eight weeks to allow for other counter-proposals and approximately 15 such counter-proposals were submitted and discussed.
The discussion in the Working Group became polarized around two sets of security/administrative framework specifications plus two other positions. The four factions were as follows:
As the deadline for consensus approached, no decision was made between USEC-style security and SNMPv2*-style security. As a result, the Working Group agreed to recommend publication of the specifications on which there was a consensus, along with a specification of an interim administrative framework named SNMPv1.5, and to immediately continue work on the approximately 200 pages of specifications relating to the security and administrative aspects.
For further information, contact SNMP Research International, Inc.
3001 Kimberlin Heights Road