Re: [Dots] New Version Notification for draft-reddy-dots-signal-channel-08.txt
"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Thu, 23 February 2017 02:14 UTC
From: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
To: Dave Dolson <ddolson@sandvine.com>, "dots@ietf.org" <dots@ietf.org>
Thread-Topic: New Version Notification for draft-reddy-dots-signal-channel-08.txt
Thread-Index: AQHSjCCkIbjO+MzHWE6MQfNQQhzR96FzMYZQgADQiUCAAJ2nMIAAlop7gAClV9A=
Date: Thu, 23 Feb 2017 02:14:17 +0000
Message-ID: <12bb7f28fe654aa1912dabf00f0ff07d@XCH-RCD-017.cisco.com>
References: <148766749366.32553.4722816219476780947.idtracker@ietfa.amsl.com> <68781b8926724ea9ad41230aeb94b1a0@XCH-ALN-017.cisco.com> <E8355113905631478EFF04F5AA706E987051D5D1@wtl-exchp-1.sandvine.com>, <213d4ddabdb1441495ce430aa7da8d69@XCH-RCD-017.cisco.com> <E8355113905631478EFF04F5AA706E987051EFC7@wtl-exchp-1.sandvine.com>
In-Reply-To: <E8355113905631478EFF04F5AA706E987051EFC7@wtl-exchp-1.sandvine.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/JBybs4XeG1U_8DtaxTP24-fxhDM>
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
> -----Original Message-----
> From: Dave Dolson [mailto:ddolson@sandvine.com]
> Sent: Wednesday, February 22, 2017 9:54 PM
> To: Tirumaleswar Reddy (tireddy) <tireddy@cisco.com>; dots@ietf.org
> Subject: RE: New Version Notification for draft-reddy-dots-signal-channel-08.txt
>
> I think my point was missed.
> See inline [DD]
>
> ________________________________________
> From: Tirumaleswar Reddy (tireddy) [tireddy@cisco.com]
> Sent: Wednesday, February 22, 2017 3:55 AM
> To: Dave Dolson; dots@ietf.org
> Subject: RE: New Version Notification for draft-reddy-dots-signal-channel-08.txt
>
> > -----Original Message-----
> > From: Dave Dolson [mailto:ddolson@sandvine.com]
> > Sent: Wednesday, February 22, 2017 3:35 AM
> > To: Tirumaleswar Reddy (tireddy) <tireddy@cisco.com>; dots@ietf.org
> > Subject: RE: New Version Notification for draft-reddy-dots-signal-channel-08.txt
> >
> > On the topic of "Happy Eyeballs" (although I think this is a misnomer),
>
> Why "Happy Eyeballs" is used by most browsers today
> https://tools.ietf.org/html/rfc6555 and MIF WG is also using "Happy Eyeballs"
> technique (see https://tools.ietf.org/html/draft-ietf-mif-happy-eyeballs-extension-11).
>
> [DD] I said "misnomer" because although people look at browsers (with their
> eyeballs), dots protocol is not for human eyeballs. But I'm being pedantic :-)
>
> > I believe the intent would be to use the same policy-id in each of the
> > transports, to detect duplicates at the server, correct?
>
> No. The use of "Happy Eyeballs" is test and pick a transport using which TLS or
> DTLS session can be established with the DOTS server (UDP has higher
> precedence than TCP).
> Once the session is established on a specific transport, there is no need to
> send the mitigation request on both the transports.
>
> [DD] Although the client desires only one request, if two sessions are initiated
> simultaneously, both *might* succeed. My point is that the server should be
> able to identify the duplicate -- and I think the "policy-id" field would be the
> mechanism to detect duplicates, correct?

Yes, you are correct. The DOTS client identity will be used to check if the client has transmitted the same policy-id over a different transport and also to detect duplicates in a DTLS session over UDP. I will update the draft to clarify.

Cheers,
-Tiru

> > The document should say so. (Or if not, explain how duplicates are to be
> > detected.)
> >
> > Also, has thought been given to preventing replay attacks? E.g.,
> > maliciously asking for mitigation by replaying a captured mitigation request?
>
> DTLS is capable of detecting replay attacks, see
> https://tools.ietf.org/html/rfc6347#section-3.3. I will update the draft to say
> Replay Detection using DTLS is mandatory for DOTS agents.
>
> -Tiru
>
> > -----Original Message-----
> > From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of Tirumaleswar Reddy (tireddy)
> > Sent: Tuesday, February 21, 2017 4:31 AM
> > To: dots@ietf.org
> > Subject: Re: [Dots] New Version Notification for draft-reddy-dots-signal-channel-08.txt
> >
> > This revision https://tools.ietf.org/html/draft-reddy-dots-signal-channel-08
> > addresses comments from Ehud and Kaname.
> >
> > Major changes are:
> >
> > 1) DOTS mitigation request/response are marked as non-confirmable
> > messages. Requests marked by the DOTS client as Non-confirmable
> > messages are sent at regular intervals until a response is received
> > from the DOTS server (See Section 5.3 for more details).
> >
> > (Thanks to the feedback from Flemming, Andrew and Ehud).
> >
> > 2) Added support for vendor specific parameters.
> >
> > 3) Added new Mitigation status parameters: bytes_dropped, bps_dropped,
> > pkts_dropped and pps_dropped.
> >
> > Comments and suggestions are welcome.
> >
> > -Tiru
> >
> > > -----Original Message-----
> > > From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> > > Sent: Tuesday, February 21, 2017 2:28 PM
> > > To: Prashanth Patil (praspati) <praspati@cisco.com>; Mohamed Boucadair <mohamed.boucadair@orange.com>; Tirumaleswar Reddy (tireddy) <tireddy@cisco.com>
> > > Subject: New Version Notification for draft-reddy-dots-signal-channel-08.txt
> > >
> > > A new version of I-D, draft-reddy-dots-signal-channel-08.txt
> > > has been successfully submitted by Tirumaleswar Reddy and posted to
> > > the IETF repository.
> > >
> > > Name: draft-reddy-dots-signal-channel
> > > Revision: 08
> > > Title: Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel
> > > Document date: 2017-02-21
> > > Group: Individual Submission
> > > Pages: 46
> > > URL: https://www.ietf.org/internet-drafts/draft-reddy-dots-signal-channel-08.txt
> > > Status: https://datatracker.ietf.org/doc/draft-reddy-dots-signal-channel/
> > > Htmlized: https://tools.ietf.org/html/draft-reddy-dots-signal-channel-08
> > > Diff: https://www.ietf.org/rfcdiff?url2=draft-reddy-dots-signal-channel-08
> > >
> > > Abstract:
> > > This document specifies a mechanism that a DOTS client can use to
> > > signal that a network is under a Distributed Denial-of-Service (DDoS)
> > > attack to an upstream DOTS server so that appropriate mitigation
> > > actions are undertaken (including, blackhole, drop, rate-limit, or
> > > add to watch list) on the suspect traffic. The document specifies
> > > the DOTS signal channel including Happy Eyeballs considerations. The
> > > specification of the DOTS data channel is elaborated in a companion
> > > document.
> > >
> > > Please note that it may take a couple of minutes from the time of
> > > submission until the htmlized version and diff are available at tools.ietf.org.
> > >
> > > The IETF Secretariat
> >
> > _______________________________________________
> > Dots mailing list
> > Dots@ietf.org
> > https://www.ietf.org/mailman/listinfo/dots
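The two server-side checks agreed on in the exchange above, the per-session DTLS anti-replay window (RFC 6347 section 3.3, which reuses the RFC 4303 sliding-window procedure) and de-duplication of mitigation requests keyed on (DOTS client identity, policy-id) so that a request that succeeds over both UDP/DTLS and TCP/TLS, or is retransmitted as a non-confirmable message, produces one mitigation, as an added example. It is not code from the draft or from any DOTS implementation. It assumes the 64-bit DTLS epoch||sequence_number is handed in as one integer, that the client identity is whatever the (D)TLS handshake authenticated, that a replayed TLS-over-TCP record never reaches the application (TLS's implicit record sequencing rejects it), and the result strings and the conflict case (same policy-id, different target) are this example's own choices, not the draft's.

```python
"""DOTS server receive path: DTLS anti-replay, then mitigation de-duplication.

Constructed example, not from draft-reddy-dots-signal-channel or any DOTS
implementation. Assumptions: the DTLS epoch||sequence_number arrives as one
64-bit integer; client_id is the identity the (D)TLS handshake authenticated;
TLS over TCP needs no application-level replay window because a replayed TLS
record fails its record-layer check before it reaches us.
"""
from __future__ import annotations

from dataclasses import dataclass

WINDOW_BITS = 64  # RFC 4303 requires at least 32; 64 is a common choice


class ReplayWindow:
    """Sliding anti-replay window over DTLS record sequence numbers
    (RFC 6347 section 3.3 / RFC 4303 section 3.4.3)."""

    def __init__(self, size: int = WINDOW_BITS) -> None:
        self.size = size
        self.top = -1    # highest sequence number accepted so far; -1 = none
        self.bitmap = 0  # bit i set  <=>  sequence number (top - i) was seen

    def accept(self, seq: int) -> bool:
        """Record seq and return True if fresh; False for a replay or for a
        record that has fallen below the window (too old to check)."""
        if seq < 0:
            return False
        if seq > self.top:
            # Slide the window up to seq; anything older than size bits drops out.
            shift = seq - self.top
            if shift >= self.size:
                self.bitmap = 1
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:
            return False  # below the window: drop rather than risk a replay
        bit = 1 << offset
        if self.bitmap & bit:
            return False  # already seen: replay
        self.bitmap |= bit
        return True


@dataclass(frozen=True)
class Mitigation:
    client_id: str
    policy_id: int
    target_prefix: str
    transport: str  # transport the first copy arrived on: "udp" or "tcp"


class DotsServer:
    def __init__(self) -> None:
        self.windows: dict[tuple[str, str], ReplayWindow] = {}   # one per DTLS session
        self.mitigations: dict[tuple[str, int], Mitigation] = {}  # (client_id, policy_id)

    def handle(self, client_id: str, transport: str, seq: int,
               policy_id: int, target_prefix: str) -> str:
        if transport == "udp":
            # Replay detection only applies to DTLS; see module docstring for TCP/TLS.
            window = self.windows.setdefault((client_id, transport), ReplayWindow())
            if not window.accept(seq):
                return "dropped: DTLS replay"
        key = (client_id, policy_id)  # policy-id is scoped to the client, not global
        existing = self.mitigations.get(key)
        if existing is None:
            self.mitigations[key] = Mitigation(client_id, policy_id, target_prefix, transport)
            return "created"
        if existing.target_prefix != target_prefix:
            return "conflict: policy-id reused for a different target"  # example's choice
        if existing.transport != transport:
            return "duplicate via other transport"  # both Happy Eyeballs attempts succeeded
        return "duplicate retransmit"  # non-confirmable request resent until answered


def demo() -> list[str]:
    """Constructed traffic: a client whose UDP and TCP attempts both succeed,
    a captured DTLS record replayed, a non-confirmable retransmit, a second
    client reusing policy-id 1, and reordered records inside the window."""
    server = DotsServer()
    records = [
        ("clientA", "udp", 0, 1, "192.0.2.0/24"),      # UDP/DTLS attempt lands first
        ("clientA", "tcp", 0, 1, "192.0.2.0/24"),      # TCP/TLS attempt also succeeded
        ("clientA", "udp", 0, 1, "192.0.2.0/24"),      # attacker replays the captured record
        ("clientA", "udp", 1, 1, "192.0.2.0/24"),      # legitimate non-confirmable retransmit
        ("clientB", "udp", 0, 1, "198.51.100.0/24"),   # another client's policy-id 1
        ("clientA", "udp", 5, 2, "203.0.113.0/24"),    # new request after some loss
        ("clientA", "udp", 3, 3, "203.0.113.64/26"),   # reordered, still inside the window
        ("clientA", "udp", 3, 3, "203.0.113.64/26"),   # replay of the reordered record
    ]
    return [server.handle(*record) for record in records]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The window is keyed per DTLS session because sequence numbers restart with each handshake; the mitigation table is keyed per client because nothing in the thread makes policy-id globally unique, so two clients may legitimately use the same value.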