Re: [Dots] some nits and comments about draft-dots-signal-channel-23:

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Sat, 25 August 2018 14:32 UTC

From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: "Xialiang (Frank, Network Integration Technology Research Dept)" <frank.xialiang@huawei.com>, "draft-ietf-dots-signal-channel.authors@ietf.org" <draft-ietf-dots-signal-channel.authors@ietf.org>
CC: "dots@ietf.org" <dots@ietf.org>
Date: Sat, 25 Aug 2018 14:32:28 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/2-GMIMzV8K-wsI5_ceLnd-FaJ5s>

Hi Frank,

Please see inline [TR]

From: Dots <dots-bounces@ietf.org> On Behalf Of Xialiang (Frank, Network Integration Technology Research Dept)
Sent: Friday, August 24, 2018 1:59 PM
To: draft-ietf-dots-signal-channel.authors@ietf.org
Cc: dots@ietf.org
Subject: [Dots] some nits and comments about draft-dots-signal-channel-23:



Hi authors,
After once more careful review of this draft, I have the following nits and comments:

Nits:

1. Last paragraph of section 1: /This is a companion document…/There is a companion document…/


[TR] The line looks correct, DOTS signal channel is a companion document of the DOTS data channel document.


2. P13, the definition of cuid: /This is a mandatory Uri-Path./ This is a mandatory Uri-Path parameter./

[TR] Yes, will update.


3. First paragraph in P16: / with indefinite lifetimes./ with indefinite lifetime./


[TR] The line looks correct, “lifetimes” is plural to refer to “mitigations”.



4. P12: / Uri-Path: "version"/ Uri-Path: "v1"/

5. P18: / cdid:  Stands for Client Domain IDentifier./ cdid:  Stands for Client Domain Identifier./

[TR] Yes, will fix 4 and 5.




6. Last paragraph in P21: /The DOTS server couples the DOTS signal channel sessions using the DOTS client identity and optionally the ’cdid’ parameter value, and the DOTS server uses ’mid’ and ’cuid’ Uri-Path parameter values to detect duplicate mitigation requests./ The DOTS server differentiates the DOTS signal channel sessions using the DOTS client identity and optionally the ’cdid’ parameter value. for every DOTS signal channel session, the DOTS server uses ’mid’ Uri-Path parameter values to detect duplicate mitigation requests./

[TR] The above line is added to explain how the DOTS server couples DOTS signal channel sessions from the same DOTS client.


7. P22: /This version of the specification forbids ’cuid’ and ’cdid’ (if used) to be returned in a response./This version of the specification forbids ’cuid’ and ’cdid’ (if used) to be returned in a response message body./

[TR] Yes, will update.

Comments:

1. Last paragraph of P6: only "coaps+tcp" URI scheme is used, no “coaps+udp”?

[TR] No, by default the “coaps” URI scheme defined in RFC7252 is for UDP.



2. Please consider including this terminology in section 2: JSON, YANG, CBOR, DER, ASN, SPKI, PSK, SHA, CIDR, TCP, UDP, SCTP, DCCP, IANA, FQDN, URI, ...

[TR] I have not seen any recent RFC adding them to the Terminology. However, we will expand all the abbreviations (currently only missing for JSON, DER, ASN and PSK).


3. Last paragraph of P7: 3.xx Response Codes seem not to be used in this document, delete it?

[TR] Good catch, will delete.



4. P50: "...time to live values in the CBOR body (Figure 22)", TTL values should not be in the CBOR message body.

[TR] Yes, will remove.



5. P72: [I-D.ietf-tls-dtls13] should be replaced by [RFC8446]

[TR] No, DTLS 1.3 has not yet become an RFC (see https://tools.ietf.org/html/draft-ietf-tls-dtls13-28)



6. cuid vs cdid:

1) Will server-domain DOTS gateways replace the cuid with its own cuid as the new DOTS client?

[TR] No, gateways will not modify or replace cuid.



2) Will Server-domain DOTS gateways insert the new cdid to represent the source DOTS client?

[TR] Yes, but to convey the source DOTS client domain identity.


3) If the above points are right, I think the third paragraph in P18 is not very clear to clarify them and have space for tuning. And I also think there is a conflict between the 5th and 6th paragraph, since source DOTS clients cannot generate cdid, the DOTS server is impossible to ignore ‘cdid’ attributes that are directly supplied by source DOTS clients.

[TR] I did not get the above comment.



4) P21: Is “the DOTS client identity” here the same as the ‘cuid’? or another id?

[TR] “DOTS client identity” is explained on page 26:
<snip>
As a reminder, a DOTS client
   is identified by its identity (e.g., client certificate, 'cuid') and
   optionally the 'cdid'.
</snip>

Cheers,
-Tiru



Thanks!

B.R.
Frank