IETF Logo Mail Archive

Re: [Dots] I-D Action: draft-ietf-dots-rfc8782-bis-00.txt

mohamed.boucadair@orange.com Mon, 31 August 2020 09:39 UTC

Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E145E3A1190 for <dots@ietfa.amsl.com>; Mon, 31 Aug 2020 02:39:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yNx7vrT2FpG9 for <dots@ietfa.amsl.com>; Mon, 31 Aug 2020 02:39:00 -0700 (PDT)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.70.34]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E57093A0F27 for <dots@ietf.org>; Mon, 31 Aug 2020 02:38:59 -0700 (PDT)
Received: from opfednr00.francetelecom.fr (unknown [xx.xx.xx.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by opfednr22.francetelecom.fr (ESMTP service) with ESMTPS id 4Bg4sG1SHPz12bw; Mon, 31 Aug 2020 11:38:58 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; s=ORANGE001; t=1598866738; bh=vM4yYwgx9J4AKN7pD9J7Q4VrD/SzUbq0DXLsRK6D0Fw=; h=From:To:Subject:Date:Message-ID:Content-Type: Content-Transfer-Encoding:MIME-Version; b=uE16gdDYYumqhVYkBkmBT30w0NMGpxZc+bN44Xk3+vRzIXjKweGZJ2VGD1+3VSCqw wwDGKXOnXXZmOQ3ay6GjrOnMp/+fwlnKx2Bap8bCagVMCYz9p4+FR9LNRFAF7C/kid 5FUatIHpVqxfTd5cuiwTrfmP7tsfk8Obilqw+ySE6HpsnwKsqMncXNsZ+dzCWEfGMk ofv8CuwfwcFP9Rd0wnl0O65768PX3hBMoF7NnLa82pAKYe3m6XWWbXzYbn+UGTRIzE 4ulvpcpoc4CafbImAVlYq6RjskSzqskXpCLBEn9tVojWlwx/Uc2qsJ7t5XXgr9Wzzl Dt1PrrtsmeBDA==
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by opfednr00.francetelecom.fr (ESMTP service) with ESMTPS id 4Bg4sG0ZYWzDq7j; Mon, 31 Aug 2020 11:38:58 +0200 (CEST)
From: mohamed.boucadair@orange.com
To: 'kaname nishizuka' <kaname@nttv6.jp>, "dots@ietf.org" <dots@ietf.org>
Thread-Topic: [Dots] I-D Action: draft-ietf-dots-rfc8782-bis-00.txt
Thread-Index: AQHWeegPP0+YIEK9PUOSmxMawBQ6LKlHGS+AgASZdQCABkrN4A==
Date: Mon, 31 Aug 2020 09:38:57 +0000
Message-ID: <9520_1598866738_5F4CC532_9520_226_1_787AE7BB302AE849A7480A190F8B933031528E53@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
References: <159774885713.10211.5341151302930796088@ietfa.amsl.com> <04af01d675f7$3cedd600$b6c98200$@smyslov.net> <7239960d-0de3-801a-dd9f-e82b93580ae9@nttv6.jp> <163901d67a17$440b5c40$cc2214c0$@jpshallow.com> <19614_1598520348_5F477C1C_19614_44_1_787AE7BB302AE849A7480A190F8B933031525C28@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <19614_1598520348_5F477C1C_19614_44_1_787AE7BB302AE849A7480A190F8B933031525C28@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.247]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/IEPt3QnljCKGUqKXc1hb6eOYfas>
Subject: Re: [Dots] I-D Action: draft-ietf-dots-rfc8782-bis-00.txt
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Aug 2020 09:39:02 -0000

Hi Kaname, all, 

FWIW, this is now fixed in the working copy available at: https://github.com/boucadair/rfc8782-yang-update/blob/master/draft-ietf-dots-rfc8782-bis.txt

The change to the YANG module can be tracked using this diff: https://github.com/boucadair/rfc8782-yang-update/commit/ac41fb1c496c5586cb461a7f3efacbabc28fbdca 

Cheers,
Med

> -----Message d'origine-----
> De : Dots [mailto:dots-bounces@ietf.org] De la part de
> mohamed.boucadair@orange.com
> Envoyé : jeudi 27 août 2020 11:26
> À : Jon Shallow <supjps-ietf@jpshallow.com>; 'kaname nishizuka'
> <kaname@nttv6.jp>; dots@ietf.org; Valery Smyslov <valery@smyslov.net>
> Objet : Re: [Dots] I-D Action: draft-ietf-dots-rfc8782-bis-00.txt
> 
> Hi all,
> 
> Yes, this should be fixed. The updated tree would look like:
> 
> OLD:
>            |     +-- (direction)?
>            |        +--:(server-to-client-only)
>            |           ...
>            |           +-- attack-status?
>            |                   iana-signal:attack-status
> 
> NEW:
>            |     +-- (direction)?
>            |        +--:(server-to-client-only)
>            |        |  ...
>            |        +--:(client-to-server-only)
>            |           +-- attack-status?
>            |                   iana-signal:attack-status
> 
> Cheers,
> Med
> 
> > -----Message d'origine-----
> > De : Dots [mailto:dots-bounces@ietf.org] De la part de Jon Shallow
> > Envoyé : lundi 24 août 2020 15:06 À : 'kaname nishizuka'
> > <kaname@nttv6.jp>; dots@ietf.org; Valery Smyslov
> <valery@smyslov.net>
> > Objet : Re: [Dots] I-D Action: draft-ietf-dots-rfc8782-bis-00.txt
> >
> > Hi Kaname,
> >
> > Well spotted!
> >
> > I agree that
> >
> >            leaf attack-status {
> >              type iana-signal:attack-status;
> >              description
> >                "Indicates the status of an attack as seen by the
> >                 DOTS client.";
> >            }
> > Should be moved up to just after (in the yang definition ietf-dots-
> > signal-channel@2020-07-02.yang)
> >        leaf trigger-mitigation {
> >          type boolean;
> >          default "true";
> >          description
> >            "If set to 'false', DDoS mitigation will not be
> >             triggered unless the DOTS signal channel
> >             session is lost.";
> >        }
> >
> > And will get corrected.
> >
> > Regards
> >
> > Jon
> >
> > > -----Original Message-----
> > > From: Dots [mailto: dots-bounces@ietf.org] On Behalf Of kaname
> > > nishizuka
> > > Sent: 24 August 2020 08:28
> > > To: Valery Smyslov; dots@ietf.org
> > > Subject: Re: [Dots] I-D Action: draft-ietf-dots-rfc8782-bis-00.txt
> > >
> > > Hi Med, all.
> > >
> > > `attack-status` is now under server-to-client-only in RFC8782 bis,
> > but
> > > I just want to clarify whether it's correct.
> > >
> > > In 4.4.3, it is said:
> > >     The 'attack-status' parameter is a mandatory attribute when
> > >     performing an efficacy update.  The various possible values
> > contained
> > >     in the 'attack-status' parameter are described in Table 4.
> > >              +-----------+-------------------------------------+
> > >              | Parameter | Description                         |
> > >              |     Value |                                     |
> > >              +===========+=====================================+
> > >              |         1 | The DOTS client determines that it  |
> > >              |           | is still under attack.              |
> > >              +-----------+-------------------------------------+
> > >              |         2 | The DOTS client determines that the |
> > >              |           | attack is successfully mitigated    |
> > >              |           | (e.g., attack traffic is not seen). |
> > >              +-----------+-------------------------------------+
> > >
> > >                  Table 4: Values of 'attack-status' Parameter
> > >
> > >
> > > regards,
> > > Kaname Nishizuka
> > >
> > >
> > > On 2020/08/19 16:06, Valery Smyslov wrote:
> > > > Hi,
> > > >
> > > > according to the roadmap we discussed for the replacement of RFC
> > > > 8782, we are going to request yangdoctors and opsdir reviews for
> > the
> > > > just adopted draft to double check that all the changes in YANG
> > > > module are fine with them.
> > > > We are going to issue WGLC shortly after the reviews are
> complete.
> > > >
> > > > Regards,
> > > > Frank & Valery.
> > > >
> > > >> A New Internet-Draft is available from the on-line Internet-
> > Drafts
> > > directories.
> > > >> This draft is a work item of the DDoS Open Threat Signaling WG
> of
> > > >> the
> > > IETF.
> > > >>
> > > >>          Title           : Distributed Denial-of-Service Open
> > Threat Signaling
> > > (DOTS) Signal Channel Specification
> > > >>          Authors         : Mohamed Boucadair
> > > >>                            Jon Shallow
> > > >>                            Tirumaleswar Reddy.K
> > > >> 	Filename        : draft-ietf-dots-rfc8782-bis-00.txt
> > > >> 	Pages           : 119
> > > >> 	Date            : 2020-08-18
> > > >>
> > > >> Abstract:
> > > >>     This document specifies the Distributed Denial-of-Service
> > Open Threat
> > > >>     Signaling (DOTS) signal channel, a protocol for signaling
> the
> > need
> > > >>     for protection against Distributed Denial-of-Service (DDoS)
> > attacks
> > > >>     to a server capable of enabling network traffic mitigation
> on
> > behalf
> > > >>     of the requesting client.
> > > >>
> > > >>     A companion document defines the DOTS data channel, a
> > separate
> > > >>     reliable communication layer for DOTS management and
> > configuration
> > > >>     purposes.
> > > >>
> > > >>     This document obsoletes RFC 8782.
> > > >>
> > > >>
> > > >> The IETF datatracker status page for this draft is:
> > > >> https://datatracker.ietf.org/doc/draft-ietf-dots-rfc8782-bis/
> > > >>
> > > >> There are also htmlized versions available at:
> > > >> https://tools.ietf.org/html/draft-ietf-dots-rfc8782-bis-00
> > > >> https://datatracker.ietf.org/doc/html/draft-ietf-dots-rfc8782-
> > bis-0
> > > >> 0
> > > >>
> > > >>
> > > >> Please note that it may take a couple of minutes from the time
> of
> > > submission
> > > >> until the htmlized version and diff are available at
> > tools.ietf.org.
> > > >>
> > > >> Internet-Drafts are also available by anonymous FTP at:
> > > >> ftp://ftp.ietf.org/internet-drafts/
> > > >>
> > > >>
> > > >> _______________________________________________
> > > >> Dots mailing list
> > > >> Dots@ietf.org
> > > >> https://www.ietf.org/mailman/listinfo/dots
> > > > _______________________________________________
> > > > Dots mailing list
> > > > Dots@ietf.org
> > > > https://www.ietf.org/mailman/listinfo/dots
> > >
> > > _______________________________________________
> > > Dots mailing list
> > > Dots@ietf.org
> > > https://www.ietf.org/mailman/listinfo/dots
> >
> > _______________________________________________
> > Dots mailing list
> > Dots@ietf.org
> > https://www.ietf.org/mailman/listinfo/dots
> 
> ______________________________________________________________________
> ___________________________________________________
> 
> Ce message et ses pieces jointes peuvent contenir des informations
> confidentielles ou privilegiees et ne doivent donc pas etre diffuses,
> exploites ou copies sans autorisation. Si vous avez recu ce message
> par erreur, veuillez le signaler a l'expediteur et le detruire ainsi
> que les pieces jointes. Les messages electroniques etant susceptibles
> d'alteration, Orange decline toute responsabilite si ce message a ete
> altere, deforme ou falsifie. Merci.
> 
> This message and its attachments may contain confidential or
> privileged information that may be protected by law; they should not
> be distributed, used or copied without authorisation.
> If you have received this email in error, please notify the sender and
> delete this message and its attachments.
> As emails may be altered, Orange is not liable for messages that have
> been modified, changed or falsified.
> Thank you.
> 
> _______________________________________________
> Dots mailing list
> Dots@ietf.org
> https://www.ietf.org/mailman/listinfo/dots

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

v2.23.0 | Report a Bug | By Email