Re: [Dots] draft-ietf-dots-telemetry: severity levels

Jon Shallow <supjps-ietf@jpshallow.com> Tue, 28 April 2020 14:09 UTC

Return-Path: <supjps-ietf@jpshallow.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 492F23A15A6 for <dots@ietfa.amsl.com>; Tue, 28 Apr 2020 07:09:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Af7C-cFELfDh for <dots@ietfa.amsl.com>; Tue, 28 Apr 2020 07:09:01 -0700 (PDT)
Received: from mail.jpshallow.com (mail.jpshallow.com [217.40.240.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05F8B3A15A4 for <dots@ietf.org>; Tue, 28 Apr 2020 07:09:00 -0700 (PDT)
Received: from mail2.jpshallow.com ([192.168.0.3] helo=N01332) by mail.jpshallow.com with esmtp (Exim 4.92.3) (envelope-from <jon.shallow@jpshallow.com>) id 1jTQuw-00054v-Cf; Tue, 28 Apr 2020 15:08:58 +0100
From: "Jon Shallow" <supjps-ietf@jpshallow.com>
To: <mohamed.boucadair@orange.com>, <dots@ietf.org>
References: <787AE7BB302AE849A7480A190F8B9330314A0F51@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B9330314A0F51@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Date: Tue, 28 Apr 2020 15:09:06 +0100
Message-ID: <015601d61d66$94132280$bc396780$@jpshallow.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0157_01D61D6E.F5D91120"
X-Mailer: Microsoft Outlook 14.0
Content-Language: en-gb
Thread-Index: AQDhGDIIALPUvLXqFzp+pNgG5AJRwqp4nIlQ
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/1D6X0X4yFiZDkti_7Z8VHhynWp4>
Subject: Re: [Dots] draft-ietf-dots-telemetry: severity levels
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Apr 2020 14:09:05 -0000

Hi Med,

 

This works for me.

 

Regards

 

Jon

 

From: Dots [mailto:-dots-bounces@ietf.org] On Behalf Of
mohamed.boucadair@orange.com
Sent: 28 April 2020 14:58
To: dots@ietf.org
Subject: [Dots] draft-ietf-dots-telemetry: severity levels

 

Hi all, 

 

attack-severity values as currently defined in the draft are mapped from
those of the Severity level indicator in SYSLOG (RFC5424): Emergency, Alert,
and Critical.

 

We are planning to change those values and use the ones defined in this
registry:
http://www.iana.org/assignments/iodef2/iodef2.xhtml#businessimpact-severity.


 

Any objection?

 

Cheers,

Med