Re: [Dots] WGLC on draft-ietf-dots-architecture-08

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Wed, 28 November 2018 07:43 UTC


Hi Wei,

Thanks for the review, we will modify the draft to use drop-list and accept-list.

Cheers,
-Tiru

From: Dots <dots-bounces@ietf.org> On Behalf Of Panwei (William)
Sent: Wednesday, November 28, 2018 7:20 AM
To: dots@ietf.org
Subject: Re: [Dots] WGLC on draft-ietf-dots-architecture-08


Hi,

While "drop-list" and "accept-list" are used in other drafts, I find that "black-list" and "white-list" are still used in the architecture draft. Should the "black-list" and "white-list" be changed to "drop-list" and "accept-list"?

In Section 2:
o Black-list management, which enables a DOTS client to inform the
DOTS server about sources to suppress.

o White-list management, which enables a DOTS client to inform the
DOTS server about sources from which traffic is always accepted.

In Section 3.1.2:
Once the DOTS client begins receiving DOTS server signals, the DOTS
session is active. At any time during the DOTS session, the DOTS
client may use the data channel to manage aliases, manage black- and
white-listed prefixes or addresses, leverage vendor-specific
extensions, and so on. Note that unlike the signal channel, there is
no requirement that the data channel remains operational in attack
conditions (See Data Channel Requirements,
[I-D.ietf-dots-requirements]).

In Section 4:
Any attacker with the ability to impersonate a legitimate DOTS client
or server or, indeed, inject false messages into the stream may
potentially trigger/withdraw traffic redirection, trigger/cancel
mitigation activities or subvert black/whitelists.

Best Regards
Wei Pan


> -----Original Message-----
> From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of Roman Danyliw
> Sent: November 28, 2018 6:15
> To: dots@ietf.org
> Subject: [Dots] WGLC on draft-ietf-dots-architecture-08
>
> Hello!
>
> Consistent with our discussion at the Bangkok meeting, we are starting a
> working group last call (WGLC) for the DOTS architecture draft:
>
> DOTS Architecture
> draft-ietf-dots-architecture-08
> https://tools.ietf.org/html/draft-ietf-dots-architecture-08
>
> Please send comments to the DOTS mailing list -- feedback on remaining issues
> or needed changes; as well as endorsements that this draft is ready.
>
> This WGLC will end on December 12, 2018.
>
> Thanks,
> Roman and Frank
