Re: [Dots] New Version Notification for draft-francois-ipv6-dots-signal-option-00.txt

Dan Wing <dwing@cisco.com> Thu, 24 March 2016 00:28 UTC

From: Dan Wing <dwing@cisco.com>
In-Reply-To: <56F03684.7060207@inria.fr>
Date: Wed, 23 Mar 2016 17:28:44 -0700
Message-Id: <195A2FF3-8EBC-43D0-94FA-7302ECE12635@cisco.com>
References: <20160321175551.31929.22662.idtracker@ietfa.amsl.com> <56F03684.7060207@inria.fr>
To: Jérôme François <jerome.francois@inria.fr>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dots/I_WfpSfbsz833NgXbOznPpZXeH4>
Cc: "Marco Davids (SIDN)" <marco.davids@sidn.nl>, Giovane Moura <giovane.moura@sidn.nl>, dots@ietf.org, Abdelkader Lahmadi <abdelkader.lahmadi@inria.fr>
Subject: Re: [Dots] New Version Notification for draft-francois-ipv6-dots-signal-option-00.txt

On 21-Mar-2016 10:59 am, Jérôme François <jerome.francois@inria.fr> wrote: 
> Dear all,
> 
> Please find a new draft proposing an IPv6 Hop-by-Hop option for delivering DOTS signal.
> All comments are welcome.

IPv6 Extension Headers, themselves, are often rate-limited or dropped entirely; references:
  https://tools.ietf.org/html/draft-gont-v6ops-ipv6-ehs-packet-drops
  https://tools.ietf.org/html/draft-ietf-v6ops-ipv6-ehs-in-real-world
  http://www.iepg.org/2014-03-02-ietf89/fgont-iepg-ietf89-eh-update.pdf

While there might be agreement to not drop such packets over a link or over an ISP access network, some DOTS deployment models have the DOTS server on the Internet (e.g., cloud-based DDoS mitigation) where such agreements don't (can't) exist.

While using v6 for this sort of piggybacked DOTS message is admirable, it is limited to networks where the DOTS client, DOTS server, intervening network, and user traffic (on which to piggyback) are all using IPv6 during the attack.

Finally, such piggybacked messages seem difficult to authenticate.

-d


> 
> Thanks,
> Jérôme
> 
> 
> -------- Forwarded Message --------
> Subject:	New Version Notification for draft-francois-ipv6-dots-signal-option-00.txt
> Date:	Mon, 21 Mar 2016 10:55:51 -0700
> From:	internet-drafts@ietf.org
> To:	Jerome Francois <jerome.francois@inria.fr>, Abdelkader Lahmadi <abdelkader.lahmadi@loria.fr>
> 
> A new version of I-D, draft-francois-ipv6-dots-signal-option-00.txt
> has been successfully submitted by Jerome Francois and posted to the
> IETF repository.
> 
> Name:		draft-francois-ipv6-dots-signal-option
> Revision:	00
> Title:		IPv6 DOTS Signal Option
> Document date:	2016-03-21
> Group:		Individual Submission
> Pages:		13
> URL:            https://www.ietf.org/internet-drafts/draft-francois-ipv6-dots-signal-option-00.txt
> Status:         https://datatracker.ietf.org/doc/draft-francois-ipv6-dots-signal-option/
> Htmlized:       https://tools.ietf.org/html/draft-francois-ipv6-dots-signal-option-00
> 
> 
> Abstract:
>    This document describes a delivery mechanism based on the IPv6 Hop-
>    by-Hop options extension header type to carry a DOTS client signal
>    message over a congested network due to a DDoS attack. The specified
>    mechanism allows the DOTS client signal message to be included using
>    an opportunistic way in outgoing IPv6 packets traveling then through
>    the network to reach a DOTS server or relay.
> 
> 
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
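An added example, not code from the draft or from anyone in this thread, to make concrete the mechanism the reply objects to: a Hop-by-Hop Options header carrying a single option with an opaque signal, the parser a DOTS server or relay would run to pull it back out, and the two action bits of the option type that tell a node what to do with an option it does not recognise (RFC 8200, section 4.2). The option type (0x1E, from the experimental range of RFC 4727), the signal bytes and the documentation-prefix addresses are assumptions for illustration, not the layout defined in draft-francois-ipv6-dots-signal-option.

```python
"""Build and parse an IPv6 Hop-by-Hop Options header carrying an opaque
"DOTS signal" option. Added example; the option type and the signal
bytes are assumptions, not the draft's own encoding."""
from __future__ import annotations

import ipaddress
import struct

IPPROTO_HOPOPTS = 0   # Next Header value that announces a Hop-by-Hop Options header
IPPROTO_UDP = 17
PAD1 = 0x00           # one-octet padding option (no length octet)
PADN = 0x01           # N-octet padding option

# Assumption: an experimental option type from RFC 4727. Its top two bits are
# 00, i.e. "skip this option and keep processing" when a node does not know it.
DOTS_SIGNAL_OPT = 0x1E

# Constructed placeholder for the signal payload, not the draft's format.
SAMPLE_SIGNAL = b"\x01mitigate-please"


def build_hbh(next_header: int, options: list[tuple[int, bytes]]) -> bytes:
    """Serialize NextHdr, HdrExtLen and TLV options, padded to a multiple of 8 octets."""
    body = bytearray()
    for opt_type, opt_data in options:
        if opt_type in (PAD1, PADN):
            raise ValueError("padding is generated automatically")
        if len(opt_data) > 255:
            raise ValueError("option data exceeds the one-octet length field")
        body += bytes([opt_type, len(opt_data)]) + opt_data
    pad = (-(2 + len(body))) % 8
    if pad == 1:
        body.append(PAD1)
    elif pad > 1:
        body += bytes([PADN, pad - 2]) + b"\x00" * (pad - 2)
    hdr_ext_len = (2 + len(body)) // 8 - 1   # 8-octet units, not counting the first 8
    return bytes([next_header, hdr_ext_len]) + bytes(body)


def unknown_option_action(opt_type: int) -> str:
    """RFC 8200 behaviour for an option type the node does not recognise."""
    return {0: "skip", 1: "discard", 2: "discard+icmp",
            3: "discard+icmp-unless-multicast"}[opt_type >> 6]


def parse_hbh(data: bytes) -> tuple[int, int, list[tuple[int, bytes]]]:
    """Return (next_header, header_len, options) with padding stripped.
    Rejects truncation and options that overrun the header instead of
    reading past it, the classic bug in extension-header parsers."""
    if len(data) < 2:
        raise ValueError("truncated header")
    next_header, hdr_ext_len = data[0], data[1]
    header_len = (hdr_ext_len + 1) * 8
    if len(data) < header_len:
        raise ValueError("truncated header")
    options: list[tuple[int, bytes]] = []
    i = 2
    while i < header_len:
        opt_type = data[i]
        if opt_type == PAD1:
            i += 1
            continue
        if i + 1 >= header_len:
            raise ValueError("option length octet missing")
        end = i + 2 + data[i + 1]
        if end > header_len:
            raise ValueError("option overruns header")
        if opt_type != PADN:
            options.append((opt_type, bytes(data[i + 2:end])))
        i = end
    return next_header, header_len, options


def build_ipv6(src: str, dst: str, hbh: bytes, payload: bytes, hop_limit: int = 64) -> bytes:
    """Prefix a fixed IPv6 header whose Next Header points at the HBH header."""
    fixed = struct.pack("!IHBB", 6 << 28, len(hbh) + len(payload), IPPROTO_HOPOPTS, hop_limit)
    fixed += ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return fixed + hbh + payload


def extract_signal(packet: bytes) -> bytes | None:
    """Server/relay side: return the piggybacked signal, if present. Nothing
    here binds the option to a DOTS client identity; only the source address
    is available, which is the authentication gap raised in the reply."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return None
    if packet[6] != IPPROTO_HOPOPTS:   # HBH must immediately follow the fixed header
        return None
    _, _, options = parse_hbh(packet[40:])
    for opt_type, opt_data in options:
        if opt_type == DOTS_SIGNAL_OPT:
            return opt_data
    return None


def demo() -> bytes | None:
    """Piggyback the sample signal on a user packet and recover it at the far end."""
    hbh = build_hbh(IPPROTO_UDP, [(DOTS_SIGNAL_OPT, SAMPLE_SIGNAL)])
    pkt = build_ipv6("2001:db8::1", "2001:db8::2", hbh, b"user traffic")  # RFC 3849 prefix
    return extract_signal(pkt)


if __name__ == "__main__":
    print(demo())
```

Two things the example makes visible that the abstract does not: a router that drops or rate-limits every packet carrying an extension header never gets as far as the option's action bits, so choosing a "skip if unknown" type does not help with the drops measured in the v6ops documents cited above; and on the receiving side the only thing tying the signal to a DOTS client is the IPv6 source address, which is why a piggybacked option is hard to authenticate without additional machinery.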