Re: [Dime] Alissa Cooper's Discuss on draft-ietf-dime-drmp-05: (with DISCUSS and COMMENT)

"Trottin, Jean-Jacques (Nokia - FR)" <> Wed, 04 May 2016 09:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C8F1612D0E5; Wed, 4 May 2016 02:36:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.92
X-Spam-Status: No, score=-6.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id c9vrlEaYfCXk; Wed, 4 May 2016 02:36:04 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 855D812D0EF; Wed, 4 May 2016 02:36:01 -0700 (PDT)
Received: from (unknown []) by Websense Email Security Gateway with ESMTPS id 692AA74F99E33; Wed, 4 May 2016 09:35:57 +0000 (GMT)
Received: from ( []) by (GMO-o) with ESMTP id u449Zv79024850 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 4 May 2016 09:35:59 GMT
Received: from ( []) by (GMO) with ESMTP id u449Zptl022123 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 4 May 2016 11:35:56 +0200
Received: from ([]) by ([]) with mapi id 14.03.0195.001; Wed, 4 May 2016 11:35:49 +0200
From: "Trottin, Jean-Jacques (Nokia - FR)" <>
To: "" <>, Alissa Cooper <>, "" <>
Thread-Topic: Alissa Cooper's Discuss on draft-ietf-dime-drmp-05: (with DISCUSS and COMMENT)
Thread-Index: AQHRpZWHwzJ4iI8k3EmUiQOkFIYlMJ+ohQPQ
Date: Wed, 04 May 2016 09:35:49 +0000
Message-ID: <>
References: <> <8354_1462318968_57293778_8354_15408_1_6B7134B31289DC4FAF731D844122B36E01E4C8AE@OPEXCLILM43.corporate.adroot.infra.ftgroup>
In-Reply-To: <8354_1462318968_57293778_8354_15408_1_6B7134B31289DC4FAF731D844122B36E01E4C8AE@OPEXCLILM43.corporate.adroot.infra.ftgroup>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_E194C2E18676714DACA9C3A2516265D29D4ED182FR712WXCHMBA12z_"
MIME-Version: 1.0
Archived-At: <>
Cc: "" <>, "" <>, "" <>
Subject: Re: [Dime] Alissa Cooper's Discuss on draft-ietf-dime-drmp-05: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 04 May 2016 09:36:07 -0000

Hi all

I also agree with Lionels’ comments and clarifications.

Best regards


De : DiME [] De la part de
Envoyé : mercredi 4 mai 2016 01:43
À : Alissa Cooper;
Cc :;;
Objet : Re: [Dime] Alissa Cooper's Discuss on draft-ietf-dime-drmp-05: (with DISCUSS and COMMENT)

Hi Alissa,

Thank you for your review.
Please find below some clarifications, waiting for authors feeback.



Envoyé depuis Surface

De : Alissa Cooper<>
Envoyé : ‎mardi‎ ‎3‎ ‎mai‎ ‎2016 ‎23‎:‎31
À :<>
Cc :<>, Lionel MORAND<>,<>, Lionel MORAND<>,<>

Alissa Cooper has entered the following ballot position for
draft-ietf-dime-drmp-05: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:


(1) Given the two key security threats identified in Section 11 -- that
authorized nodes can issue requests with artificially high priority in
order to get better treatment, and that unauthorized intermediaries can
modify the priorities that senders set -- I don't see how it is
legitimate to claim that either 5.1 or 5.2 are appropriate use cases for
DRMP. The spec seems to assume that this mechanism will only be used in
scenarios where nodes and agents have some out-of-band trust relationship
established with each other (the shepherd write-up talks about a "trusted
environment"), but that is certainly not the case in many disaster and
emergency scenarios. If that really is a limitation on the scope of
applicability of this mechanism, that should be stated in the document,
and those use cases should either be removed or modified to explain the
limitations on their applicability.

[LM] I think that what is missing is that Diameter is mainly (if not only) used in mobile operator networks. The text makes reference to the RFC7683 where the overoload contgrol mechanism is introduced to solve overload situations in telco networks. This additional mechanism is seen as a complement of this overload control mechanism. Now, if it is understood that it is a mechanism defined for “trusted environment” i.e. mobile networks, the use of priority indications in emergency and disaster scenarios seems legitimate.

(2) Section 6 says:

    "The mechanism for how the agent determines which requests are
       throttled is implementation dependent and is outside the scope of
       this document."

How is a node supposed to determine how to set its priorities if each
agent makes implementation-specific decisions about what those priorities
mean? I understood the document to be saying that Diameter applications
would have to define what he priority levels mean within their own
contexts, but then I would have expected the interpretation of priorities
amongst all nodes and agents implementing the same application to be the

[LM] I understand. I think that the text should say “The mechanism for how the agent determines which requests are c(candidates) to be throttled”. And, when there are requests to throttle, the priority indication is used to determine “which requests to route first, which requests to throttle and where the request is routed.  For instance, requests with higher  priority might have a lower probability of being throttled. ”.

(3) Section 8 says:

 "Diameter nodes SHOULD use the PRIORITY_10 priority as this default

If the determination of the priority schemes are all
application-specific, how is it appropriate for this spec to define what
the default priority should be for all applications? Shouldn't
applications specify their own defaults?

[LM] it is needed to take into account that the use of priority indication in Diameter will be optional and that legacy implementation will not include any priority indication in Diameter requests. After discussion, it was decided that requests without priority should be handled as with a priority set to 10. This makes the difference with requests with an explicit lower priorities and other with higher priorities. 10 is used as “average” priority, with the possibility of specific operator policies to use another value.


Section 11 says: "DRMP gives Diameter nodes the ability to influence
which requests are throttled during overload scenarios." But the
information is not limited to use during overload scenarios, and the spec
specifically allows its use for prioritized routing in absence of
overload. This should be stated here too.

[LM] right.


Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.

Thank you.