Re: [Dots] Attack-bandwidth expansion: more discussion

"MeiLing Chen" <chenmeiling@chinamobile.com> Thu, 04 April 2019 09:26 UTC

Return-Path: <chenmeiling@chinamobile.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02720120470 for <dots@ietfa.amsl.com>; Thu, 4 Apr 2019 02:26:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.189
X-Spam-Level:
X-Spam-Status: No, score=-1.189 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dPlU1n2VXZj9 for <dots@ietfa.amsl.com>; Thu, 4 Apr 2019 02:26:23 -0700 (PDT)
Received: from cmccmta3.chinamobile.com (cmccmta3.chinamobile.com [221.176.66.81]) by ietfa.amsl.com (Postfix) with ESMTP id DC0D81203FB for <dots@ietf.org>; Thu, 4 Apr 2019 02:26:20 -0700 (PDT)
Received: from spf.mail.chinamobile.com (unknown[172.16.121.17]) by rmmx-syy-dmz-app11-12011 (RichMail) with SMTP id 2eeb5ca5cdba485-16423; Thu, 04 Apr 2019 17:26:19 +0800 (CST)
X-RM-TRANSID: 2eeb5ca5cdba485-16423
X-RM-TagInfo: emlType=0
X-RM-SPAM-FLAG: 00000000
Received: from cmcc-PC (unknown[10.2.51.21]) by rmsmtp-syy-appsvr09-12009 (RichMail) with SMTP id 2ee95ca5cdbabd0-f5a22; Thu, 04 Apr 2019 17:26:19 +0800 (CST)
X-RM-TRANSID: 2ee95ca5cdbabd0-f5a22
Date: Thu, 04 Apr 2019 17:26:29 +0800
From: MeiLing Chen <chenmeiling@chinamobile.com>
To: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>, dots <dots@ietf.org>
References: <2afb5c9deef06d0-00008.Richmail.00007050166234752489@chinamobile.com>, <BYAPR16MB2790DB27C3CAF49D6B87955BEA550@BYAPR16MB2790.namprd16.prod.outlook.com>
X-Priority: 3
X-Has-Attach: no
X-Mailer: Foxmail 7.2.9.115[cn]
Mime-Version: 1.0
Message-ID: <2019040417262909803722@chinamobile.com>
Content-Type: multipart/alternative; boundary="----=_001_NextPart274755583251_=----"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/LLBQOzibMmeQqCGvn99wxVj1xtM>
Subject: Re: [Dots] Attack-bandwidth expansion: more discussion
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2019 09:26:27 -0000

I have read the draft-doron-dots-telemetry-00, it is not neccessary to add all the parameters contained in the draft of draft-doron-dots-telemetry-00;
When discuss a parameter is needed for signal channel expansion or not, there are two problems we need to take into consideration: 1, if the attack target can provide the message? 2, if the parameter can really efficent for mitigation?
so far, network device can provide attack-bandwidth and attack-type and  this two drafts will be merged into a single draft. 



祝好!
chenmeiling(陈美玲)
--------------------------------------------------------------------------------------
中国移动通信有限公司研究院
安全技术研究所
邮箱:chenmeiling@chinamobile.com
手机:13810149515
电话:15801696688-34283
地址:北京市西城区宣武门西大街32号(移动创新大厦)
 
From: Konda, Tirumaleswar Reddy
Date: 2019-04-01 21:37
To: 陈美玲; dots
Subject: RE: [Dots] Attack-bandwidth expansion: more discussion
We published a draft https://tools.ietf.org/html/draft-doron-dots-telemetry-00 discussing various DOTS telemetry including total attack traffic, but at that the decision was to focus only on the mandatory attributes in the DOTS signal channel draft.  Now that the core protocols are almost ready, I think it’s right time to look into the telemetry attributes. We should probably discuss and consolidate the DOTS telemetry attributes in a single draft. 
 
Cheers,
-Tiru
 
From: Dots <dots-bounces@ietf.org> On Behalf Of ???
Sent: Friday, March 29, 2019 4:37 PM
To: dots <dots@ietf.org>
Subject: [Dots] Attack-bandwidth expansion: more discussion
 
CAUTION: External email. Do not click links or open attachments unless you recognize the sender and know the content is safe.


Hi everyone,
Due to time constraints during my presentation, we hadn't make much more discuss yesterday, 
I'd like to continue discussion of these topics in the mail if you have any questions about this draft. 
 
MeiLing Chen
--------------------------------------------------------------------------------------
Research institute of China mobile communications co. LTD
Institute of safety technology
Email address: chenmeiling@chinamobile.com
Phone: 13810149515
Address: no. 32, xuanwumen west street, xicheng district, Beijing (mobile innovation building)