Re: [Dots] I-D Action: draft-ietf-dots-signal-channel-29.txt

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Fri, 22 February 2019 16:20 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/Jxx0rWWO2enONuji8ZB-DDQrRvs>

Hi Med,

Couple of Nits:

1)
OLD:
Likewise, 'sid' value is
monotonically increased by the DOTS client for each configuration
session, attackers replaying configuration requests with lower
numeric 'sid' values will be rejected by the DOTS server if it
maintains a higher numeric 'sid' value for this DOTS client.

NEW:
Likewise, 'sid' value is
monotonically increased by the DOTS client for each configuration
request, attackers replaying configuration requests with lower
numeric 'sid' values will be rejected by the DOTS server if it
maintains a higher numeric 'sid' value for this DOTS client.

2)
Define 'idle' time (i.e. when no attack traffic is present).

-Tiru

> -----Original Message-----
> From: Dots <dots-bounces@ietf.org> On Behalf Of internet-drafts@ietf.org
> Sent: Friday, February 22, 2019 9:00 PM
> To: i-d-announce@ietf.org
> Cc: dots@ietf.org
> Subject: [Dots] I-D Action: draft-ietf-dots-signal-channel-29.txt
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the DDoS Open Threat Signaling WG of the IETF.
> 
>         Title           : Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel Specification
>         Authors         : Tirumaleswar Reddy
>                           Mohamed Boucadair
>                           Prashanth Patil
>                           Andrew Mortensen
>                           Nik Teague
>         Filename        : draft-ietf-dots-signal-channel-29.txt
>         Pages           : 99
>         Date            : 2019-02-22
> 
> Abstract:
>    This document specifies the DOTS signal channel, a protocol for
>    signaling the need for protection against Distributed Denial-of-
>    Service (DDoS) attacks to a server capable of enabling network
>    traffic mitigation on behalf of the requesting client.
> 
>    A companion document defines the DOTS data channel, a separate
>    reliable communication layer for DOTS management and configuration
>    purposes.
> 
> Editorial Note (To be removed by RFC Editor)
> 
>    Please update these statements within the document with the RFC
>    number to be assigned to this document:
> 
>    o  "This version of this YANG module is part of RFC XXXX;"
> 
>    o  "RFC XXXX: Distributed Denial-of-Service Open Threat Signaling
>       (DOTS) Signal Channel Specification";
> 
>    o  "| [RFCXXXX] |"
> 
>    o  reference: RFC XXXX
> 
>    Please update this statement with the RFC number to be assigned to
>    the following documents:
> 
>    o  "RFC YYYY: Distributed Denial-of-Service Open Threat Signaling
>       (DOTS) Data Channel Specification (used to be I-D.ietf-dots-data-
>       channel)
> 
>    Please update TBD/TBD1/TBD2 statements with the assignments made by
>    IANA to DOTS Signal Channel Protocol.
> 
>    Also, please update the "revision" date of the YANG modules.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dots-signal-channel/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-dots-signal-channel-29
> https://datatracker.ietf.org/doc/html/draft-ietf-dots-signal-channel-29
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dots-signal-channel-29
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
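The 'sid' replay check discussed in nit 1 of the reply, as an added example that is not part of the original message or of the draft. The class and function names, the client identifiers and the sample requests are assumptions made for illustration, as is accepting a request whose 'sid' equals the stored value; the quoted text only states that lower values are rejected.

```python
from dataclasses import dataclass, field


@dataclass
class SidReplayGuard:
    """Hypothetical server-side helper: highest 'sid' accepted per DOTS client."""
    highest: dict = field(default_factory=dict)  # client_id -> highest sid seen

    def check(self, client_id: str, sid: int) -> str:
        known = self.highest.get(client_id)
        # Reject only when the server maintains a strictly higher 'sid' for
        # this client, which is the condition stated in the quoted text.
        if known is not None and sid < known:
            return "reject"
        # Equal 'sid' is accepted here (assumption of this example), so this
        # check alone does not stop a replay of the most recent request.
        self.highest[client_id] = sid
        return "accept"


# Constructed sample traffic: (client_id, sid) of each configuration request.
LEGIT = [("client-a", 1), ("client-a", 2), ("client-a", 3), ("client-b", 1)]
REPLAYED = ("client-a", 2)  # an earlier request captured and sent again


def demo():
    guard = SidReplayGuard()
    legit = [guard.check(c, s) for c, s in LEGIT]
    replay = guard.check(*REPLAYED)
    # The protection holds only "if it maintains a higher numeric 'sid' value":
    # a server that lost its per-client state has nothing to compare against.
    after_state_loss = SidReplayGuard().check(*REPLAYED)
    return legit, replay, after_state_loss


if __name__ == "__main__":
    print(demo())
```

The last result shows why the stored 'sid' has to survive restarts or failover for the check to keep rejecting old requests.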