Re: [Dots] New Version Notification for draft-reddy-dots-signal-channel-08.txt

"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Wed, 22 February 2017 08:55 UTC

From: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
To: Dave Dolson <ddolson@sandvine.com>, "dots@ietf.org" <dots@ietf.org>
Date: Wed, 22 Feb 2017 08:55:10 +0000
Message-ID: <213d4ddabdb1441495ce430aa7da8d69@XCH-RCD-017.cisco.com>
References: <148766749366.32553.4722816219476780947.idtracker@ietfa.amsl.com> <68781b8926724ea9ad41230aeb94b1a0@XCH-ALN-017.cisco.com> <E8355113905631478EFF04F5AA706E987051D5D1@wtl-exchp-1.sandvine.com>
In-Reply-To: <E8355113905631478EFF04F5AA706E987051D5D1@wtl-exchp-1.sandvine.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/0egccuZdpIN0-mSIBEw63JkajbM>
Subject: Re: [Dots] New Version Notification for draft-reddy-dots-signal-channel-08.txt

> -----Original Message-----
> From: Dave Dolson [mailto:ddolson@sandvine.com]
> Sent: Wednesday, February 22, 2017 3:35 AM
> To: Tirumaleswar Reddy (tireddy) <tireddy@cisco.com>; dots@ietf.org
> Subject: RE: New Version Notification for draft-reddy-dots-signal-channel-08.txt
> 
> On the topic of "Happy Eyeballs" (although I think this is a misnomer), 

Why? "Happy Eyeballs" is used by most browsers today (https://tools.ietf.org/html/rfc6555), and the MIF WG is also using the "Happy Eyeballs" technique (see https://tools.ietf.org/html/draft-ietf-mif-happy-eyeballs-extension-11).

> I believe
> the intent would be to use the same policy-id in each of the transports, to
> detect duplicates at the server, correct?

No. The use of "Happy Eyeballs" is to test and pick a transport over which a TLS or DTLS session can be established with the DOTS server (UDP has higher precedence than TCP).
Once the session is established on a specific transport, there is no need to send the mitigation request on both transports.

> The document should say so. (Or if not, explain how duplicates are to be
> detected.)
> 
> 
> Also, has thought been given to preventing replay attacks?  E.g., maliciously
> asking for mitigation by replaying a captured mitigation request?

DTLS is capable of detecting replay attacks, see https://tools.ietf.org/html/rfc6347#section-3.3. I will update the draft to say that replay detection using DTLS is mandatory for DOTS agents.

-Tiru

> 
> 
> 
> -----Original Message-----
> From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of Tirumaleswar Reddy
> (tireddy)
> Sent: Tuesday, February 21, 2017 4:31 AM
> To: dots@ietf.org
> Subject: Re: [Dots] New Version Notification for draft-reddy-dots-signal-channel-08.txt
> 
> This revision https://tools.ietf.org/html/draft-reddy-dots-signal-channel-08
> addresses comments from Ehud and Kaname.
> 
> Major changes are:
> 
> 1) DOTS mitigation request/response are marked as non-confirmable
> messages. Requests marked by the DOTS client as Non-confirmable messages
> are sent at regular intervals until a response is received from the DOTS server
> (See Section 5.3 for more details).
> 
> (Thanks to the feedback from Flemming, Andrew and Ehud).
> 
> 2) Added support for vendor specific parameters.
> 
> 3) Added new Mitigation status parameters: bytes_dropped, bps_dropped,
> pkts_dropped and pps_dropped.
> 
> Comments and suggestions are welcome.
> 
> -Tiru
> 
> 
> > -----Original Message-----
> > From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> > Sent: Tuesday, February 21, 2017 2:28 PM
> > To: Prashanth Patil (praspati) <praspati@cisco.com>; Mohamed Boucadair
> > <mohamed.boucadair@orange.com>; Tirumaleswar Reddy (tireddy)
> > <tireddy@cisco.com>
> > Subject: New Version Notification for
> > draft-reddy-dots-signal-channel-08.txt
> >
> >
> > A new version of I-D, draft-reddy-dots-signal-channel-08.txt
> > has been successfully submitted by Tirumaleswar Reddy and posted to
> > the IETF repository.
> >
> > Name:		draft-reddy-dots-signal-channel
> > Revision:	08
> > Title:		Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel
> > Document date:	2017-02-21
> > Group:		Individual Submission
> > Pages:		46
> > URL:            https://www.ietf.org/internet-drafts/draft-reddy-dots-signal-channel-08.txt
> > Status:         https://datatracker.ietf.org/doc/draft-reddy-dots-signal-channel/
> > Htmlized:       https://tools.ietf.org/html/draft-reddy-dots-signal-channel-08
> > Diff:           https://www.ietf.org/rfcdiff?url2=draft-reddy-dots-signal-channel-08
> >
> > Abstract:
> >    This document specifies a mechanism that a DOTS client can use to
> >    signal that a network is under a Distributed Denial-of-Service (DDoS)
> >    attack to an upstream DOTS server so that appropriate mitigation
> >    actions are undertaken (including, blackhole, drop, rate-limit, or
> >    add to watch list) on the suspect traffic.  The document specifies
> >    the DOTS signal channel including Happy Eyeballs considerations.  The
> >    specification of the DOTS data channel is elaborated in a companion
> >    document.
> >
> > Please note that it may take a couple of minutes from the time of
> > submission until the htmlized version and diff are available at tools.ietf.org.
> >
> > The IETF Secretariat
> 
> _______________________________________________
> Dots mailing list
> Dots@ietf.org
> https://www.ietf.org/mailman/listinfo/dots
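The replay-detection point in the reply above (a captured mitigation request re-sent to the DOTS server is dropped at the DTLS record layer, RFC 6347 section 3.3) is easiest to see in code. The following is an added example written for this page, not code from the DOTS draft, from the author of the thread, or from any DTLS implementation. It implements the sliding-window anti-replay check that RFC 6347 section 3.3 borrows from IPsec (RFC 4303): the receiver remembers the highest record sequence number accepted so far and a bitmap of the numbers just below it, and a record whose (epoch, sequence number) has already been seen, or that falls below the window, is discarded. The window size of 64, the `ReplayWindow`/`filter_records` names and the sample record list are assumptions made for the example; the sample is constructed to include late-but-fresh records, a true replay, and a record that has aged out of the window.

```python
"""DTLS-style anti-replay window (RFC 6347 section 3.3 / RFC 4303 scheme).

Added example for illustration; not the DOTS draft's or any DTLS library's code.
Sequence numbers are tracked per epoch, because DTLS restarts the record
sequence number at zero whenever the epoch changes (e.g. after a rekey).
"""
from dataclasses import dataclass

# Assumption: a 64-record window. RFC 6347 only requires the window to be
# at least 32 records wide; 64 is a common choice.
WINDOW_BITS = 64


@dataclass
class ReplayWindow:
    """Highest accepted sequence number plus a bitmap of the `size` numbers below it."""
    size: int = WINDOW_BITS
    top: int = -1      # highest sequence number accepted so far; -1 means none yet
    bitmap: int = 0    # bit i set  <=>  sequence number (top - i) has been accepted

    def check(self, seq: int) -> bool:
        """Return True and record `seq` if it is fresh; False if it is a replay or too old.

        A record that fails this check is silently discarded by the DTLS receiver,
        so a captured mitigation request re-sent by an attacker never reaches the
        DOTS application layer.
        """
        mask = (1 << self.size) - 1
        if seq > self.top:
            # Newer than anything seen: slide the window up so `seq` becomes bit 0.
            shift = seq - self.top
            if shift >= self.size:
                self.bitmap = 1                      # everything older has aged out
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & mask
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:
            return False                             # below the window: cannot tell, treat as replay
        if self.bitmap & (1 << offset):
            return False                             # already accepted once: replay
        self.bitmap |= 1 << offset                   # late but fresh (reordered datagram)
        return True


def filter_records(records):
    """Run the anti-replay check over (epoch, seq) pairs in arrival order.

    Returns a list of (epoch, seq, accepted) so the caller can see which records
    the record layer would hand up and which it would drop.
    """
    windows = {}
    verdicts = []
    for epoch, seq in records:
        window = windows.setdefault(epoch, ReplayWindow())
        verdicts.append((epoch, seq, window.check(seq)))
    return verdicts


# Constructed sample arrival order: three handshake records in epoch 0, then
# application records in epoch 1. (1, 2) arrives late but is fresh; the second
# (1, 1) is a replay; (1, 100) jumps far ahead; (1, 40) is late but still inside
# the window; the trailing (1, 0) is older than the window and is dropped.
SAMPLE_RECORDS = [
    (0, 0), (0, 1), (0, 2),
    (1, 0), (1, 1), (1, 3), (1, 2), (1, 1), (1, 100), (1, 40), (1, 0),
]


def dropped_count(records=SAMPLE_RECORDS) -> int:
    """Number of records the receiver would discard as replayed or too old."""
    return sum(1 for _, _, accepted in filter_records(records) if not accepted)


if __name__ == "__main__":
    for epoch, seq, accepted in filter_records(SAMPLE_RECORDS):
        print(f"epoch={epoch} seq={seq:3d} -> {'accept' if accepted else 'DROP'}")
    print("dropped:", dropped_count())
```

Two design points worth noting from a defender's side. The check only answers "has this exact record been seen", so it relies on the record's MAC having already been verified; an attacker who could forge valid records would not need to replay. And because the decision is per epoch, a record captured before a rekey and replayed afterwards lands in a window that has never accepted it, which is why DTLS implementations also reject records from epochs that are no longer current.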