Re: [Dots] Target-Attack-type expansion: more discussion

Töma Gavrichenkov <> Mon, 06 May 2019 10:53 UTC

From: Töma Gavrichenkov <>
Date: Mon, 06 May 2019 13:52:58 +0300
To: MeiLing Chen <>
Cc: dots <>
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <>

On Mon, May 6, 2019 at 1:10 PM MeiLing Chen <> wrote:
> Actually, it is more inclined to use TCP/IP four-layer protocol.

Which layer is QUIC then?

The Internet protocol suite is not really layered.  The OSI model is, but
the IETF as a whole tends to slip away from the layered model.  To
quote Christian Huitema:

"There is also beauty in *not* having a layered architecture [..]. It
is great to see transport functions like acknowledgement or flow
control fully contained in the Quic transport. Quic is about transport
innovation, and that pretty much requires direct access to the network
API. In practice, layered implementations hide that API, so the
transport developers have to constantly negotiate with the
intermediate layer developers."

I would strongly oppose a classification based on "exploited protocol
layers".  As attractive as it is academically, it makes operational
issues more opaque.