Network\CIM_SATransform.mof.mof (HTML version)

Return to index
CIM_SATransform Superclass: CIM_ScopedSettingData
SATransform is the base class for the various types of transforms that are in effect for an existing IPsecSAEndpoint, or aggregated into phase 2 proposals used during the IPsec negotiation process. This class is defined as a kind of ScopedSettingData, since it describes the set of transform properties that MUST be applied together, if negotiated. This subclassing is different than that defined in IETF's IPSP Policy draft - where it is subclassed from Policy. The definition as SettingData is more consistent with the application of the properties as a set, to the negotiated Security Association.

Note that an instance of this class is 'scoped' or contained by a System (either a ComputerSystem or AdminDomain), rather than by a SecurityAssociationEndpoint. This is indicated by instantiating the ScopedSetting association, and is necessary since the transform data is used in IPsec negotiation policies (also scoped by Systems) before ever being associated with a SecurityAssociationEndpoint. The latter semantics (i.e., that 'this' transform is negotiated for 'this' Security Association) is conveyed via a subclass of ElementSettingData, TransformOfSecurityAssociation.
Qualifiers:Abstract Version ( "2.8.0" ) MappingStrings { "IPSP Model.IETF|SATransform" }
Parameters (local in grey)
MappingStrings { "IPSP Model.IETF|SATransform.VendorID" }
string VendorID = "" ;
VendorID identifies vendor-defined transforms. If this field is empty (the default), then this is a standard transform.
Override ( "ElementName" )
MappingStrings { "IPSP Model.IETF|SATransform.CommonName" }
string ElementName ;
MappingStrings { "IPSP " "Model.IETF|SATransform.MaxLifetimeKilobytes" }
Units ( "KiloBytes" )
uint64 MaxLifetimeKilobytes = 0 ;
MaxLifetimeKilobytes specifies the maximum kilobyte lifetime for a Security Association. Different lifetimes are used, depending on the strength of the encryption algorithm. A value of 0, the default, indicates that no maximum should be defined. A non-zero value specifies the desired kilobyte lifetime.
MappingStrings { "IPSP " "Model.IETF|SATransform.MaxLifetimeSeconds" }
Units ( "Seconds" )
uint64 MaxLifetimeSeconds = 0 ;
MaxLifetimeSeconds specifies the maximum time that the Security Association should be considered valid after it has been created. A value of 0, the default, indicates that 8 hours should be used. A non-zero value indicates the maximum lifetime in seconds.
Key
string InstanceID ;
Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following 'preferred' algorithm:
<OrgID>:<LocalID>
Where <OrgID> and <LocalID> are separated by a colon (:), and where <OrgID> must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the <Schema Name>_<Class Name> structure of Schema class names.) In addition, to ensure uniqueness, <OrgID> must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between <OrgID> and <LocalID>.
<LocalID> is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If the above 'preferred' algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance.
For DMTF-defined instances, the 'preferred' algorithm must be used with the <OrgID> set to CIM.
MaxLen ( 64 )
string Caption ;
The Caption property is a short textual description (one- line string) of the object.
string Description ;
The Description property provides a textual description of the object.