Re: [Dots] TR: New Version Notification for draft-nishizuka-dots-signal-control-filtering-02.txt
<mohamed.boucadair@orange.com> Mon, 11 February 2019 07:39 UTC
From: mohamed.boucadair@orange.com
To: Takahiko Nagata <nagata@lepidum.co.jp>, "dots@ietf.org" <dots@ietf.org>
Date: Mon, 11 Feb 2019 07:39:50 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/O2nfaPeeYO_oRRpzNBletgytniI>

Hi Takahiko,

The parameters used in the initial request must be repeated in the refresh request to modify the control filtering.

Please note that sending only acl-list attributes in a PUT will fail because of the checks against mandatory attributes:

   In the PUT request at least one of the attributes 'target-prefix',
   'target-fqdn', 'target-uri', or 'alias-name' MUST be present.

   ...

   If the request is missing a mandatory attribute, does not include
   'cuid' or 'mid' Uri-Path options, includes multiple 'scope'
   parameters, or contains invalid or unknown parameters, the DOTS
   server MUST reply with 4.00 (Bad Request).

Cheers,
Med

> -----Original Message-----
> From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of Takahiko Nagata
> Sent: Sunday, 10 February 2019 08:52
> To: dots@ietf.org
> Subject: Re: [Dots] TR: New Version Notification for
> draft-nishizuka-dots-signal-control-filtering-02.txt
>
> Hi Med, all,
>
> Thank you for the updated draft.
>
> I have a question about a use case for the -03 specification of this draft.
>
> (Question) Would we allow using a Mitigation request with
>            only control-filtering attributes?
>
>   This means a PUT SignalChannel Mitigation request with
>   only acl-list (without any target-xxx).
>
>   Use case:
>     Only update the status of a DataChannel ACL during a DDoS attack.
>     (If the DataChannel ACL is enough for protection.)
>
>
> Best Regards,
> Takahiko Nagata
>
> On 2019/01/21 23:25, mohamed.boucadair@orange.com wrote:
> > Hi Takahiko,
> >
> > I updated the draft to take into account your comments:
> >
> > * Make sure that by default, the data channel is used for ACL-related operations.
> > * No update is required to efficacy update, get, and delete.
> >
> > Please let us know if the changes address your comments.
> >
> > Don't hesitate to share any further comment you may have. Thanks.
> >
> > Cheers,
> > Med
> >
> >> -----Original Message-----
> >> From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> >> Sent: Monday, 21 January 2019 15:21
> >> To: Takahiko Nagata; Tirumaleswar Reddy; BOUCADAIR Mohamed TGI/OLN; Reddy K;
> >> Kaname Nishizuka
> >> Subject: New Version Notification for
> >> draft-nishizuka-dots-signal-control-filtering-02.txt
> >>
> >>
> >> A new version of I-D, draft-nishizuka-dots-signal-control-filtering-02.txt
> >> has been successfully submitted by Mohamed Boucadair and posted to the
> >> IETF repository.
> >>
> >> Name:           draft-nishizuka-dots-signal-control-filtering
> >> Revision:       02
> >> Title:          Controlling Filtering Rules Using DOTS Signal Channel
> >> Document date:  2019-01-21
> >> Group:          Individual Submission
> >> Pages:          15
> >> URL:            https://www.ietf.org/internet-drafts/draft-nishizuka-dots-signal-control-filtering-02.txt
> >> Status:         https://datatracker.ietf.org/doc/draft-nishizuka-dots-signal-control-filtering/
> >> Htmlized:       https://tools.ietf.org/html/draft-nishizuka-dots-signal-control-filtering-02
> >> Htmlized:       https://datatracker.ietf.org/doc/html/draft-nishizuka-dots-signal-control-filtering
> >> Diff:           https://www.ietf.org/rfcdiff?url2=draft-nishizuka-dots-signal-control-filtering-02
> >>
> >> Abstract:
> >>    This document specifies an extension to the DOTS signal channel to
> >>    control the filtering rules when an attack mitigation is active.
> >>
> >>    Particularly, this extension allows a DOTS client to activate or de-
> >>    activate filtering rules during a DDoS attack.  The characterization
> >>    of these filtering rules is supposed to be conveyed by a DOTS client
> >>    during peace time by means of DOTS data channel.
> >>
> >> Editorial Note (To be removed by RFC Editor)
> >>
> >>    Please update these statements within the document with the RFC
> >>    number to be assigned to this document:
> >>
> >>    o  "This version of this YANG module is part of RFC XXXX;"
> >>
> >>    o  "RFC XXXX: Controlling Filtering Rules Using DOTS Signal Channel";
> >>
> >>    o  reference: RFC XXXX
> >>
> >>    o  [RFCXXXX]
> >>
> >>    Please update these statements with the RFC number to be assigned to
> >>    the following documents:
> >>
> >>    o  "RFC SSSS: Distributed Denial-of-Service Open Threat Signaling
> >>       (DOTS) Signal Channel Specification" (used to be
> >>       [I-D.ietf-dots-signal-channel])
> >>
> >>    o  "RFC DDDD: Distributed Denial-of-Service Open Threat Signaling
> >>       (DOTS) Data Channel Specification" (used to be
> >>       [I-D.ietf-dots-data-channel])
> >>
> >>    Please update the "revision" date of the YANG module.
> >>
> >>
> >> Please note that it may take a couple of minutes from the time of submission
> >> until the htmlized version and diff are available at tools.ietf.org.
> >>
> >> The IETF Secretariat
> >
>
> --
> =============================
> 株式会社レピダム
> 永田 貴彦
>
> Mail: nagata@lepidum.co.jp
> Tel: 03-6276-5103
>
> 〒151-0071
> 東京都渋谷区本町3-12-1 住友不動産西新宿ビル6号館
> =============================
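
The following is an added example, not part of the original message or of any DOTS implementation: a sketch of the server-side checks quoted in the reply, showing why an acl-list-only PUT is rejected with 4.00 while a refresh that repeats the initial parameters passes. The function names, the flattened request layout, the 'acl-name' and 'activation-type' fields and all sample values are assumptions made for illustration.

```python
# Added illustration of the checks quoted in the message; not DOTS server code.
# Simplified layout (assumption): the body is {"scope": [ {...attributes...} ]}.
TARGET_ATTRS = {"target-prefix", "target-fqdn", "target-uri", "alias-name"}
# Assumption: an illustrative subset of the parameters a server would accept.
KNOWN_ATTRS = TARGET_ATTRS | {"target-port-range", "target-protocol",
                              "lifetime", "acl-list"}
BAD_REQUEST = "4.00"

# Constructed sample values.
URI_PATH = [".well-known", "dots", "mitigate", "cuid=constructed-cuid", "mid=123"]
INITIAL = {"target-prefix": ["2001:db8:6401::1/128"], "lifetime": 3600}
ACLS = [{"acl-name": "constructed-acl", "activation-type": "immediate"}]


def check_mitigation_put(uri_path, body):
    """Return None if the PUT passes the quoted checks, else (code, reason)."""
    keys = {seg.split("=", 1)[0] for seg in uri_path if "=" in seg}
    for required in ("cuid", "mid"):
        if required not in keys:
            return BAD_REQUEST, f"missing '{required}' Uri-Path option"
    scopes = body.get("scope", [])
    if len(scopes) != 1:
        return BAD_REQUEST, "expected exactly one 'scope' parameter"
    scope = scopes[0]
    unknown = sorted(set(scope) - KNOWN_ATTRS)
    if unknown:
        return BAD_REQUEST, "unknown parameters: " + ", ".join(unknown)
    if not TARGET_ATTRS & set(scope):
        return BAD_REQUEST, "no target-prefix/target-fqdn/target-uri/alias-name"
    return None


def build_refresh(initial_scope, acl_list):
    """Repeat the initial request's parameters and add the filtering control."""
    refreshed = dict(initial_scope)  # copy so the stored request is untouched
    refreshed["acl-list"] = acl_list
    return {"scope": [refreshed]}


if __name__ == "__main__":
    acl_only = {"scope": [{"acl-list": ACLS}]}
    print("acl-list only:", check_mitigation_put(URI_PATH, acl_only))
    print("refresh:", check_mitigation_put(URI_PATH, build_refresh(INITIAL, ACLS)))
```
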