IETF Logo Mail Archive

Re: [Dots] Questions about draft-doron-dots-telemetry-00

"Dobbins, Roland" <rdobbins@arbor.net> Thu, 17 November 2016 16:59 UTC

Return-Path: <rdobbins@arbor.net>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 998D3129509 for <dots@ietfa.amsl.com>; Thu, 17 Nov 2016 08:59:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.021
X-Spam-Level:
X-Spam-Status: No, score=-2.021 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=arbor.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JblDs2ZSA20g for <dots@ietfa.amsl.com>; Thu, 17 Nov 2016 08:59:24 -0800 (PST)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0098.outbound.protection.outlook.com [104.47.41.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5758E12949A for <dots@ietf.org>; Thu, 17 Nov 2016 08:59:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=arbor.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=+WfgrZLboFRcN6H8i4We5NqFWeRjKNtcYKbCHoYFEm8=; b=kjhVj3XwgG7wiyS2K4RiWmbIFWyPjbI409d4HNUsEg6ZYDzTxALDrq0Wsp29mI59eQ19fmaaTd/cqfci0Bw6RHwb3gyHyUg8jsDEo2ux38TFp9SOnwLShgIVYqdOFgbfTfFl0kFtDdkuyrHQ8xWv3Ld7/E2dEMAiVZoMEyQBcwM=
Received: from DM2PR0101MB1039.prod.exchangelabs.com (10.160.129.156) by DM2PR0101MB1039.prod.exchangelabs.com (10.160.129.156) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.721.10; Thu, 17 Nov 2016 16:59:21 +0000
Received: from DM2PR0101MB1039.prod.exchangelabs.com ([10.160.129.156]) by DM2PR0101MB1039.prod.exchangelabs.com ([10.160.129.156]) with mapi id 15.01.0721.015; Thu, 17 Nov 2016 16:59:21 +0000
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: Ehud Doron <EhudD@Radware.com>
Thread-Topic: [Dots] Questions about draft-doron-dots-telemetry-00
Thread-Index: AdI7wYm473OfPCFJSFe1ONIXj1qG/gCjJvCAABCTo4AAZZb/gAAcaduAABLbOwAABAMHgQ==
Date: Thu, 17 Nov 2016 16:59:20 +0000
Message-ID: <4AB57E14-89A9-40EB-966A-0DEF1DA1F43D@arbor.net>
References: <359EC4B99E040048A7131E0F4E113AFC0104EAE8B8@marathon> <E58182C4A35A8E498E553AD3D33FA00101170E0067@ILMB1.corp.radware.com> <14E9BCB6-D522-4877-84E5-4589472B3CEC@arbor.net> <E58182C4A35A8E498E553AD3D33FA00101170E325A@ILMB1.corp.radware.com> <27D8FF07-7140-478F-AD26-64B5A1B7102D@arbor.net>, <E58182C4A35A8E498E553AD3D33FA00101170E43F2@ILMB1.corp.radware.com>
In-Reply-To: <E58182C4A35A8E498E553AD3D33FA00101170E43F2@ILMB1.corp.radware.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=rdobbins@arbor.net;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [121.162.109.253]
x-microsoft-exchange-diagnostics: 1; DM2PR0101MB1039; 7:k1+8mGXCKhPw7yLKZPoR11JSWC9UUvPNNIagUuyx4YGO2US1l2hiV2zyCorKPVav/k8TE0gOdVcelDixjsqyuhqaRT4xsBML6Utmj3vvPlIpSml3dIf3wEeqKFFyDlz5UbTY6g8UK1G4YD/jT5dI2zPYgioAgU/cw8gaHTrEXnLPk2cqcAqEaT2Vcc6YRF0QVL7HHJxsTXqpGttlHVvPxZdYDSGFB3ccMUcpNFlU5sKL2Q2l4GbtG15DKJu9lgCoaseKnPCdUDKaD3rzZYbDYobg7AxP/KmMli4+2BI8AbwA579VW0JoOq+HSQj4KjtgZcUhkLXU0hL7oNIETY+11TKXz82djeBaLSyCUCuwc/8=
x-ms-office365-filtering-correlation-id: fb0bca34-10eb-44b3-7c0c-08d40f0b137a
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001); SRVR:DM2PR0101MB1039;
x-microsoft-antispam-prvs: <DM2PR0101MB1039F053C84A349E6F93DCB6CAB10@DM2PR0101MB1039.prod.exchangelabs.com>
x-exchange-antispam-report-test: UriScan:(158342451672863);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6060326)(6040281)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6061324)(6041223)(6043046); SRVR:DM2PR0101MB1039; BCL:0; PCL:0; RULEID:; SRVR:DM2PR0101MB1039;
x-forefront-prvs: 01294F875B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(7916002)(199003)(377454003)(189002)(24454002)(3846002)(6116002)(2900100001)(2906002)(92566002)(230783001)(97736004)(4326007)(102836003)(189998001)(606004)(50986999)(105586002)(86362001)(8676002)(33656002)(7736002)(106356001)(229853002)(77096005)(68736007)(7846002)(122556002)(36756003)(3280700002)(76176999)(54356999)(66066001)(2950100002)(8936002)(6916009)(93886004)(6506003)(81166006)(83716003)(110136003)(5660300001)(101416001)(87936001)(6512003)(81156014)(82746002)(3660700001)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0101MB1039; H:DM2PR0101MB1039.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: arbor.net does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_4AB57E1489A940EB966A0DEF1DA1F43Darbornet_"
MIME-Version: 1.0
X-OriginatorOrg: arbor.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Nov 2016 16:59:20.4698 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 54f11205-d4aa-4809-bd36-0b542199c5b2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0101MB1039
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/QYxQUELK3m9VCTd2Q2tOU2GvwbI>
Cc: dots <dots@ietf.org>
Subject: Re: [Dots] Questions about draft-doron-dots-telemetry-00
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Nov 2016 16:59:29 -0000

On Nov 18, 2016, at 12:04 AM, Ehud Doron <EhudD@Radware.com<mailto:EhudD@Radware.com>> wrote:

We are talking about the overall needs to mutually signal telemetry about ongoing attacks that DOTS Client asks Server to mitigate upstream.
And what I'm saying is that straying beyond simple signaling & basic mitigation-related information is a bridge too far, for the initial stages, at least.

The paradigms for and capabilities of nodes which will participate in DOTS vary widely, & the parameters posited in draft-doron-dots-telemetry-00 are a) way too subjective, b) beyond the capabilities for most potential DOTS nodes, c) a barrier to entry for DOTS participation, & d) unnecessary for simple, useful DOTS signaling to perform its intended function.

This is something to be taken up in later phases of DOTS (if indeed it should be included in DOTS at all), IMHO.

We need a minimum viable operational capability, to start.   We can get fancy later.

-----------------------------------
Roland Dobbins <rdobbins@arbor.net<mailto:rdobbins@arbor.net>>

v2.23.0 | Report a Bug | By Email