Re: [Dots] I-D Action: draft-ietf-dots-telemetry-01.txt
<mohamed.boucadair@orange.com> Thu, 06 February 2020 06:39 UTC
From: mohamed.boucadair@orange.com
To: Jon Shallow <supjps-ietf@jpshallow.com>, "'Konda, Tirumaleswar Reddy'" <TirumaleswarReddy_Konda@mcafee.com>, "dots@ietf.org" <dots@ietf.org>
Date: Thu, 06 Feb 2020 06:39:02 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/378NVjpiH-7anpoWmQ19FyNFwps>
Hi Jon, all,

Please see inline.

Cheers,
Med

> -----Original Message-----
> From: Jon Shallow [mailto:supjps-ietf@jpshallow.com]
> Sent: Wednesday 5 February 2020 21:24
> To: 'Konda, Tirumaleswar Reddy'; BOUCADAIR Mohamed TGI/OLN; dots@ietf.org
> Subject: RE: [Dots] I-D Action: draft-ietf-dots-telemetry-01.txt
>
> See inline
>
> Regards
>
> Jon
> ...
> > >
> > > (1) key value range for telemetry: Jon raised this point "These keys
> > > require 3 bytes - and telemetry information is going to be difficult
> > > to fit into a packet. I appreciate that comprehension-required is for
> > > numbers less than 0x8000 - perhaps the comprehension-required range is
> > > reduced and also has a section higher up so the total of 0x8000 still
> > > stands so less bytes can be used here."
> > >
> > > +----------------------+-------+-------+------------+---------------+
> > > | Parameter Name       | CBOR  | CBOR  | Change     | Specification |
> > > |                      | Key   | Major | Controller | Document(s)   |
> > > |                      | Value | Type  |            |               |
> > > +----------------------+-------+-------+------------+---------------+
> > > | ietf-dots-signal-cha | 32776 |   5   | IESG       | [RFCXXXX]     |
> > > | nnel:telemetry       |       |       |            |               |
> > >
> > > Med: This is a major one. We need to assess the gain, but it is
> > > possible in theory to update our assignment policies and reassign,
> > > e.g., 128-255 range to be comprehension-optional (specific for
> > > telemetry). This would mean that the telemetry spec will be tagged as
> > > updating the base signal channel spec. We need more discussion.
> >
> > Why not change the DOTS telemetry attributes to comprehension-required?

[Med] Telemetry attributes are not mandatory for the signal channel to function. A signal channel message enriched with telemetry data should not exacerbate message failure.

> > If the server does not understand the DOTS telemetry attributes, it will
> > respond with 4.00 error response, and the client can re-send the request
> > without the DOTS telemetry attributes.
>
> Jon> Telemetry is also gated by a different set of Path-URIs.

[Med] Except when telemetry is also included in an update during a mitigation (S-C or S-C). What I have for this one in my local copy is as follows:

   In order to make use of this feature, DOTS clients MUST establish a
   telemetry setup session with the DOTS server in 'idle' time and MUST
   set the 'server-originated-telemetry' attribute to 'true'.

   DOTS servers MUST NOT include telemetry attributes in mitigation
   status updates sent to DOTS clients for which
   'server-originated-telemetry' attribute is set to 'false'.

> However, source-prefix attribute comes from draft-ietf-dots-signal-call-home
> and also occupies 3 bytes - do we change the source-prefix CBOR Key type to
> comprehension-required?
>

[Med] Including a source prefix in a signal channel message while not supported by the server must not lead to an error. That attribute cannot be set as comprehension-required. I suggest we don't touch that part.
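Added example, not part of the original message or of the DOTS drafts: the sketch below encodes the key value from the quoted table to show where the 3 bytes come from, and models the comprehension rule discussed in the thread (an unknown key below 0x8000 draws a 4.00, an unknown key at or above it is ignored). The known key 1, the reassigned key 200, the `optional_ranges` parameter and the `server_check` helper are assumptions made for illustration.

```python
"""Added illustration of CBOR key size and comprehension handling."""

COMPREHENSION_REQUIRED_BELOW = 0x8000  # boundary quoted in the thread
TELEMETRY_KEY = 32776                  # key value from the quoted table
REASSIGNED_KEY = 200                   # hypothetical value in the proposed 128-255 range


def cbor_uint(value: int) -> bytes:
    """Encode an unsigned integer as CBOR major type 0 (RFC 8949)."""
    if value < 0:
        raise ValueError("unsigned integers only")
    if value < 24:
        return bytes([value])  # value fits in the initial byte
    # Additional-information values 24..27 announce 1, 2, 4 or 8 argument bytes.
    for additional_info, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if value < 1 << (8 * size):
            return bytes([additional_info]) + value.to_bytes(size, "big")
    raise ValueError("value does not fit in 64 bits")


def is_comprehension_required(key: int, optional_ranges=()) -> bool:
    """Apply the '< 0x8000' rule, minus ranges carved out as optional."""
    if any(low <= key <= high for low, high in optional_ranges):
        return False
    return key < COMPREHENSION_REQUIRED_BELOW


def server_check(request_keys, known_keys, optional_ranges=()):
    """Simplified server: ('4.00', offending keys) or ('ok', ignored keys)."""
    unknown = [k for k in request_keys if k not in known_keys]
    offending = [k for k in unknown
                 if is_comprehension_required(k, optional_ranges)]
    if offending:
        return "4.00", offending
    return "ok", unknown


if __name__ == "__main__":
    known = {1}  # constructed: the only key this toy server understands
    for key in (TELEMETRY_KEY, REASSIGNED_KEY):
        print(key, cbor_uint(key).hex(), len(cbor_uint(key)), "bytes")
    print(server_check([1, TELEMETRY_KEY], known))
    print(server_check([1, REASSIGNED_KEY], known))
    print(server_check([1, REASSIGNED_KEY], known, [(128, 255)]))
```

With the assignment policy unchanged, a key moved into 128-255 saves one byte per occurrence but makes a server that does not know it reject the whole message; carving the range out as comprehension-optional keeps both the saving and the tolerant behaviour.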