Re: [Dots] New Version Notification for draft-reddy-dots-signal-channel-08.txt
Dave Dolson <ddolson@sandvine.com> Wed, 22 February 2017 16:23 UTC
From: Dave Dolson <ddolson@sandvine.com>
To: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>, "dots@ietf.org" <dots@ietf.org>
Date: Wed, 22 Feb 2017 16:23:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/J2z9Tog__Wrgg7SVaE_mIod-RrY>
I think my point was missed. See inline [DD]

________________________________________
From: Tirumaleswar Reddy (tireddy) [tireddy@cisco.com]
Sent: Wednesday, February 22, 2017 3:55 AM
To: Dave Dolson; dots@ietf.org
Subject: RE: New Version Notification for draft-reddy-dots-signal-channel-08.txt

> -----Original Message-----
> From: Dave Dolson [mailto:ddolson@sandvine.com]
> Sent: Wednesday, February 22, 2017 3:35 AM
> To: Tirumaleswar Reddy (tireddy) <tireddy@cisco.com>; dots@ietf.org
> Subject: RE: New Version Notification for draft-reddy-dots-signal-channel-08.txt
>
> On the topic of "Happy Eyeballs" (although I think this is a misnomer),

Why? "Happy Eyeballs" is used by most browsers today (https://tools.ietf.org/html/rfc6555), and the MIF WG is also using the "Happy Eyeballs" technique (see https://tools.ietf.org/html/draft-ietf-mif-happy-eyeballs-extension-11).

[DD] I said "misnomer" because although people look at browsers (with their eyeballs), the DOTS protocol is not for human eyeballs. But I'm being pedantic :-)

> I believe the intent would be to use the same policy-id in each of the transports, to detect duplicates at the server, correct?

No. The use of "Happy Eyeballs" is to test and pick a transport over which a TLS or DTLS session can be established with the DOTS server (UDP has higher precedence than TCP). Once the session is established on a specific transport, there is no need to send the mitigation request on both transports.

[DD] Although the client desires only one request, if two sessions are initiated simultaneously, both *might* succeed. My point is that the server should be able to identify the duplicate -- and I think the "policy-id" field would be the mechanism to detect duplicates, correct?

> The document should say so. (Or if not, explain how duplicates are to be detected.)
>
> Also, has thought been given to preventing replay attacks? E.g., maliciously asking for mitigation by replaying a captured mitigation request?

DTLS is capable of detecting replay attacks, see https://tools.ietf.org/html/rfc6347#section-3.3. I will update the draft to say Replay Detection using DTLS is mandatory for DOTS agents.

-Tiru

> -----Original Message-----
> From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of Tirumaleswar Reddy (tireddy)
> Sent: Tuesday, February 21, 2017 4:31 AM
> To: dots@ietf.org
> Subject: Re: [Dots] New Version Notification for draft-reddy-dots-signal-channel-08.txt
>
> This revision https://tools.ietf.org/html/draft-reddy-dots-signal-channel-08 addresses comments from Ehud and Kaname.
>
> Major changes are:
>
> 1) DOTS mitigation request/response are marked as non-confirmable messages. Requests marked by the DOTS client as Non-confirmable messages are sent at regular intervals until a response is received from the DOTS server (see Section 5.3 for more details).
>
> (Thanks to the feedback from Flemming, Andrew and Ehud.)
>
> 2) Added support for vendor-specific parameters.
>
> 3) Added new Mitigation status parameters: bytes_dropped, bps_dropped, pkts_dropped and pps_dropped.
>
> Comments and suggestions are welcome.
>
> -Tiru
>
> > -----Original Message-----
> > From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> > Sent: Tuesday, February 21, 2017 2:28 PM
> > To: Prashanth Patil (praspati) <praspati@cisco.com>; Mohamed Boucadair <mohamed.boucadair@orange.com>; Tirumaleswar Reddy (tireddy) <tireddy@cisco.com>
> > Subject: New Version Notification for draft-reddy-dots-signal-channel-08.txt
> >
> > A new version of I-D, draft-reddy-dots-signal-channel-08.txt
> > has been successfully submitted by Tirumaleswar Reddy and posted to
> > the IETF repository.
> >
> > Name: draft-reddy-dots-signal-channel
> > Revision: 08
> > Title: Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel
> > Document date: 2017-02-21
> > Group: Individual Submission
> > Pages: 46
> > URL: https://www.ietf.org/internet-drafts/draft-reddy-dots-signal-channel-08.txt
> > Status: https://datatracker.ietf.org/doc/draft-reddy-dots-signal-channel/
> > Htmlized: https://tools.ietf.org/html/draft-reddy-dots-signal-channel-08
> > Diff: https://www.ietf.org/rfcdiff?url2=draft-reddy-dots-signal-channel-08
> >
> > Abstract:
> > This document specifies a mechanism that a DOTS client can use to
> > signal that a network is under a Distributed Denial-of-Service (DDoS)
> > attack to an upstream DOTS server so that appropriate mitigation
> > actions are undertaken (including blackhole, drop, rate-limit, or
> > add to watch list) on the suspect traffic. The document specifies
> > the DOTS signal channel including Happy Eyeballs considerations. The
> > specification of the DOTS data channel is elaborated in a companion
> > document.
> >
> > Please note that it may take a couple of minutes from the time of
> > submission until the htmlized version and diff are available at tools.ietf.org.
> >
> > The IETF Secretariat
>
> _______________________________________________
> Dots mailing list
> Dots@ietf.org
> https://www.ietf.org/mailman/listinfo/dots
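The replay detection Tiru points to (RFC 6347 section 3.3) is the sliding-window scheme DTLS borrows from RFC 4303: a receiver keeps the highest authenticated record sequence number plus a bitmap of recently seen ones, and discards records that are duplicates or have fallen behind the window. The following is an added illustration, not code from the DOTS draft or any DTLS library; it models one window per epoch and the record sequence numbers fed through it are constructed for the example.

```python
# Sliding-window anti-replay check in the style of DTLS 1.2 (RFC 6347 s3.3),
# which reuses the RFC 4303 bitmap scheme. Added example, not code from the
# DOTS draft; a real implementation keeps one window per (association, epoch).

WINDOW_SIZE = 64  # RFC 6347 calls for a window of at least 32; 64 is common


class ReplayWindow:
    """Tracks received record sequence numbers for one epoch and rejects
    duplicates as well as records that fall below the left edge of the window."""

    def __init__(self, size=WINDOW_SIZE):
        self.size = size
        self.top = 0        # highest sequence number accepted so far
        self.bitmap = 0     # bit i set => sequence number (top - i) was received
        self.empty = True   # nothing accepted yet

    def check(self, seq):
        """Return True if seq is new and inside the window, False otherwise.
        Does not mark it received: the window is only updated after the record's
        MAC verifies, so a forged record cannot push the window forward."""
        if self.empty or seq > self.top:
            return True
        diff = self.top - seq
        if diff >= self.size:
            return False    # too old, already fell off the window
        return not (self.bitmap >> diff) & 1

    def accept(self, seq):
        """Update the window after the record authenticated successfully."""
        if self.empty:
            self.top, self.bitmap, self.empty = seq, 1, False
        elif seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)


def process_records(seqs, window=None):
    """Run a trace of record sequence numbers through the window and return
    (seq, accepted) decisions. The trace is constructed; the MAC check is
    assumed to pass for every record so accepted ones update the window."""
    w = window or ReplayWindow()
    decisions = []
    for s in seqs:
        ok = w.check(s)
        if ok:
            w.accept(s)
        decisions.append((s, ok))
    return decisions
```

A replayed mitigation request reuses a sequence number the server already accepted, so it is rejected before the DOTS layer ever parses it, while out-of-order but fresh records (3 arriving after 5) are still accepted.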