IETF Logo Mail Archive

Re: [Dots] WGLC for draft-ietf-dots-telemetry-use-cases-04

H Y <yuuhei.hayashi@gmail.com> Fri, 11 February 2022 07:40 UTC

Return-Path: <yuuhei.hayashi@gmail.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A9713A0D81; Thu, 10 Feb 2022 23:40:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6F6hOlxuC5sE; Thu, 10 Feb 2022 23:40:17 -0800 (PST)
Received: from mail-ed1-x52a.google.com (mail-ed1-x52a.google.com [IPv6:2a00:1450:4864:20::52a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 607D73A0D66; Thu, 10 Feb 2022 23:40:17 -0800 (PST)
Received: by mail-ed1-x52a.google.com with SMTP id da4so15066194edb.4; Thu, 10 Feb 2022 23:40:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=4sh5vq7el0RJqidn22PIOu9c7ErKN5lBd6lB7mdTDvA=; b=IouiZRP37uDCei5H+Av9KVJIo9th/kRz1uuH2qu/wxTtyv3jnLfHRuU4XdDWngHIZx drhLGLxL903E2pLJUfGplO9itHcbby5exNeMRA7AnQkG+WUZXBm2wCSBDOb4iqE5j47z 0uY1ZDrbX5IBoHvVj9fhWlRp3tubbRCnDGPWp6ake/MQ4H24mRnFKxDcT9bkL77PIBjF NOuSHxM3uTibRW1TAoCFzqJGgxlKrBbigfGH5HvRkNuf+Ok/5ZSrG7L+7n2bivwIryrP UmvVxbHlTJPFcBxrv6j74IBkOMU58Jz5K9MosIPTSrZnS9VG03fFN8cD2NG9uUiQxDPS A28A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=4sh5vq7el0RJqidn22PIOu9c7ErKN5lBd6lB7mdTDvA=; b=ft1Nuao6+PZlyzCblc5vc+7YeI+KAL/wnvMbZNEjOUGrZNR3JWpU0T2b1QiU4GeP/K wuN4laDICFHVYEhsCQEYRanEhU4SNtGbQEwQ9vieH0gcTLkOJypFGTLZFzt7jZB8u21m feUjayg1WlHMkQ3fPwBTOoh/OOgTI9SK+ey87PvHLrZuWcAINqpc3IMUJqq4T0Bi9r2s V07SxcQVlEep4wN3J3PbxR2VBhqWctBzmQpzmDC7a5gOHYmXZAVSroQiFB9SsvsJi18w /bq25PZ44/8HhN2jkTr+/JeTU3Om7dX1dkGBLfIRhfmx4dD4v7BCoVfQf7WCMjjEDro5 exGQ==
X-Gm-Message-State: AOAM532vqKDIPT6ASmTTgNGMLbP4/l/uKjXQwS+FKRYz5DsGE0m2pr84 sYEHLsh+c6X4l5IKPwRGuumwVLQlAUfxV7NrG3Q=
X-Google-Smtp-Source: ABdhPJxtiWfW4aE67HredBrA0jQX+IWMhDi8TPVc9Km6Jp9Y0fIW4OViUAj8b41+oPgzGZI59EazqaMBkzO5t2z92QM=
X-Received: by 2002:aa7:dc4b:: with SMTP id g11mr547613edu.340.1644565214585; Thu, 10 Feb 2022 23:40:14 -0800 (PST)
MIME-Version: 1.0
References: <181601d81da8$0cee3a80$26caaf80$@smyslov.net> <23921_1644415165_6203C8BD_23921_233_1_787AE7BB302AE849A7480A190F8B93303548ECDA@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <CAA8pjUPRUXSOwf-1EBA4BsDb7aYw792n59FUJFvzPYCKqNTcUg@mail.gmail.com> <CAA8pjUOrYQnJrzwcAhzmp5FMBDm__u4UomCYFDLDD7G09zNPnA@mail.gmail.com> <17353_1644562189_6206070D_17353_218_1_787AE7BB302AE849A7480A190F8B93303549155E@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <17353_1644562189_6206070D_17353_218_1_787AE7BB302AE849A7480A190F8B93303549155E@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
From: H Y <yuuhei.hayashi@gmail.com>
Date: Fri, 11 Feb 2022 16:40:07 +0900
Message-ID: <CAA8pjUMeu0apgO6BZ0h2gq7x+KsOg0GOSH_SnznkRh1hNNuGgQ@mail.gmail.com>
To: Mohamed Boucadair <mohamed.boucadair@orange.com>
Cc: "dots@ietf.org" <dots@ietf.org>, "dots-chairs@ietf.org" <dots-chairs@ietf.org>, Valery Smyslov <valery@smyslov.net>, "draft-ietf-dots-telemetry-use-cases@ietf.org" <draft-ietf-dots-telemetry-use-cases@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/KFZ6FwskEqdmh3lgdCJhgX_6kZM>
Subject: Re: [Dots] WGLC for draft-ietf-dots-telemetry-use-cases-04
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Feb 2022 07:40:23 -0000

Hi Med,

I got it. I misunderstood the way to use "attack-description".

>You may consider removing them but add some text to recall the attack mapping over the data channel.
I will remove the "attack-description".

Thanks,
Yuhei

2022年2月11日(金) 15:49 <mohamed.boucadair@orange.com>:
>
> Hi Yuhei,
>
> One quick comment about:
>
> ==
>             "attack-description": "DNS amplification Attack: This attack is a type of reflection attack in which attackers spoofes a target's IP address. The attackers abuses vulnerbilities in DNS servers to turn small queries into larger payloads."
> ==
>
> and
>
> ==
>             "attack-description":"NTP amplification Attack: This attack is a type of reflection attack in which attackers spoofes a target's IP address. The attackers abuses vulnerbilities in NTP servers to turn small queries into larger payloads."
> ==
>
> Please note that the telemetry spec says the following:
>
>    When conveying attack details in DOTS telemetry messages (Sections
>    8.2, 8.3, and 9), DOTS agents MUST NOT include the 'attack-
>    description' attribute unless the corresponding attack mapping
>    details were not previously shared with the peer DOTS agent.
>
> So, the text should explain why "attack-description" attributes are present in the example.
>
> You may consider removing them but add some text to recall the attack mapping over the data channel.
>
> Thank you.
>
> Cheers,
> Med
>
> > -----Message d'origine-----
> > De : Dots <dots-bounces@ietf.org> De la part de H Y
> > Envoyé : vendredi 11 février 2022 05:16
> > À : dots@ietf.org
> > Cc : dots-chairs@ietf.org; Valery Smyslov <valery@smyslov.net>;
> > BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>; draft-ietf-
> > dots-telemetry-use-cases@ietf.org
> > Objet : Re: [Dots] WGLC for draft-ietf-dots-telemetry-use-cases-04
> >
> > Hi all,
> >
> > We modified some nits and upload as 05. We will add some description to
> > clarify our use cases.
> >
> > Comments are welcome.
> >
> > Thanks,
> > Yuhei
> >
> > 2022年2月9日(水) 23:34 H Y <yuuhei.hayashi@gmail.com>:
> > >
> > > Hi Med,
> > >
> > > Thank you for your comments and suggestions.
> > >
> > > I will revise the draft in a few days.
> > >
> > > Thanks,
> > > Yuhei
> > >
> > > 2022年2月9日(水) 22:59 <mohamed.boucadair@orange.com>:
> > > >
> > > > Hi Valery, all,
> > > >
> > > > I support advancing this document, but I think a revised version is
> > needed.
> > > >
> > > > FWIW, some comments and suggestions can be found at:
> > > > * pdf:
> > > > https://raw.githubusercontent.com/boucadair/IETF-Drafts-Reviews/mast
> > > > er/draft-ietf-dots-telemetry-use-cases-04-rev%20Med.pdf
> > > > * doc:
> > > > https://github.com/boucadair/IETF-Drafts-Reviews/raw/master/draft-ie
> > > > tf-dots-telemetry-use-cases-04-rev%20Med.doc
> > > >
> > > > Cheers,
> > > > Med
> > > >
> > > > > -----Message d'origine-----
> > > > > De : Dots <dots-bounces@ietf.org> De la part de Valery Smyslov
> > > > > Envoyé : mercredi 9 février 2022 12:28 À : dots@ietf.org Cc :
> > > > > dots-chairs@ietf.org; draft-ietf-dots-telemetry-use-cases@ietf.org
> > > > > Objet : [Dots] WGLC for draft-ietf-dots-telemetry-use-cases-04
> > > > >
> > > > > Hi,
> > > > >
> > > > > this message starts a two-week working group last call for
> > > > > draft-ietf- dots-telemetry-use-cases-04.
> > > > > The WGLC will end on Thursday, February 24. Please, review the
> > > > > draft and send your comments to the mailing list.
> > > > >
> > > > > Regards,
> > > > > Frank & Valery.
> > > > >
> > > > > _______________________________________________
> > > > > Dots mailing list
> > > > > Dots@ietf.org
> > > > > https://www.ietf.org/mailman/listinfo/dots
> > > >
> > > > ____________________________________________________________________
> > > > _____________________________________________________
> > > >
> > > > Ce message et ses pieces jointes peuvent contenir des informations
> > > > confidentielles ou privilegiees et ne doivent donc pas etre
> > > > diffuses, exploites ou copies sans autorisation. Si vous avez recu
> > > > ce message par erreur, veuillez le signaler a l'expediteur et le
> > detruire ainsi que les pieces jointes. Les messages electroniques etant
> > susceptibles d'alteration, Orange decline toute responsabilite si ce
> > message a ete altere, deforme ou falsifie. Merci.
> > > >
> > > > This message and its attachments may contain confidential or
> > > > privileged information that may be protected by law; they should not
> > be distributed, used or copied without authorisation.
> > > > If you have received this email in error, please notify the sender
> > and delete this message and its attachments.
> > > > As emails may be altered, Orange is not liable for messages that
> > have been modified, changed or falsified.
> > > > Thank you.
> > > >
> > >
> > >
> > > --
> > > ----------------------------------
> > > Yuuhei HAYASHI
> > > 08065300884
> > > yuuhei.hayashi@gmail.com
> > > iehuuy_0220@docomo.ne.jp
> > > ----------------------------------
> >
> >
> >
> > --
> > ----------------------------------
> > Yuuhei HAYASHI
> > 08065300884
> > yuuhei.hayashi@gmail.com
> > iehuuy_0220@docomo.ne.jp
> > ----------------------------------
>
> _________________________________________________________________________________________________________________________
>
> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
>
> This message and its attachments may contain confidential or privileged information that may be protected by law;
> they should not be distributed, used or copied without authorisation.
> If you have received this email in error, please notify the sender and delete this message and its attachments.
> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
> Thank you.
>


-- 
----------------------------------
Yuuhei HAYASHI
08065300884
yuuhei.hayashi@gmail.com
iehuuy_0220@docomo.ne.jp
----------------------------------

v2.23.0 | Report a Bug | By Email