IETF Logo Mail Archive

Re: [Dots] WGLC for draft-ietf-dots-telemetry-use-cases-04

H Y <yuuhei.hayashi@gmail.com> Fri, 11 February 2022 08:01 UTC

Return-Path: <yuuhei.hayashi@gmail.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D2E93A0E5C; Fri, 11 Feb 2022 00:01:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.696
X-Spam-Level:
X-Spam-Status: No, score=-5.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_COMMENT_SAVED_URL=1.391, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_HTML_ATTACH=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YaOLSARfXn-i; Fri, 11 Feb 2022 00:01:06 -0800 (PST)
Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A47E73A0E67; Fri, 11 Feb 2022 00:01:05 -0800 (PST)
Received: by mail-ed1-x52f.google.com with SMTP id ch26so15051031edb.12; Fri, 11 Feb 2022 00:01:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=iJt62dmkML9nmREHfSf6l+IajCXxvCIc+N25cBy8vMw=; b=ljBQCXcmZwrOF2dRD2t7of5XCNHjZ9i7G+tIDRKr9g6ZlIxDZYinr0iCIrU74oqw0V Lv7JXN0Lfs23eS4GnI+VRLG7wIF8iuRUggroDDCXpYoaoD6VC251OB70zp9ZOqnAafOM QE6fG8nJaBFQqWn0RDKxJKBNjnlPZfeADzi94S6j3FkjkSAJX25LD7XzE/9hMDgukrUk UnvdUopaLUsGZiOI0vE+hGkxB8ogtvQWko/NBFtFvSpx8kfPbi4G75npceD3ZY8MH1QW /Gboqhof9i1OToXlxieBCivoPNKltcFGWjjcRkwmL1yxUr3Vz/lgpybZYyQSGrttHcf8 n5Vw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=iJt62dmkML9nmREHfSf6l+IajCXxvCIc+N25cBy8vMw=; b=cuEZ99c9j3QCC3f+nIHeKbCZM0ecn4laOqz7F4X7KWLV1jUxMCja/eDbDRTwxIhTvQ QEq3BLrNWh4ewjCvUzviVte5r+a2TQl6/s8xCs+5fs7ygaq/ZpXM+tfEiK5H0dlkI+LW FtpMtQBOfNJY8NkK6vGtdCbu67ADXAA64ip6Awoa7hJEcJW6sgi1u9u2c/E2eEqorMRb uwKTx/P8Wsfr4SDIjzHI5qf2jE1rEt6WF7xaBAi04Hlkh9Y5VhcXz+DlzRiphQtvKm1C Y3zo58BDYSqlCe0nt8dz+SmQsvcmNiHM/zNIx9HIGxNvyHbNKrzaOjn4i25UJ2rJdvRA pwSw==
X-Gm-Message-State: AOAM533c0nRfBEkyUe06EUwVYayeY5sOu66TyUhfjKcaJOj4CYXU6aqW oobhWp6lV6shElcRkWfNpun+e1XkGjBWobFf+fZGr44zNx0qLA==
X-Google-Smtp-Source: ABdhPJz2ucjJFanpN/gl3Ah5wvCFBlmdYbQdfcnHXvLFkID67VCzf5PzwKOOEXysr/8oboB5iqPaxnksoej+R/3EwWg=
X-Received: by 2002:aa7:dc4b:: with SMTP id g11mr606138edu.340.1644566463744; Fri, 11 Feb 2022 00:01:03 -0800 (PST)
MIME-Version: 1.0
References: <181601d81da8$0cee3a80$26caaf80$@smyslov.net> <23921_1644415165_6203C8BD_23921_233_1_787AE7BB302AE849A7480A190F8B93303548ECDA@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <CAA8pjUPRUXSOwf-1EBA4BsDb7aYw792n59FUJFvzPYCKqNTcUg@mail.gmail.com> <CAA8pjUOrYQnJrzwcAhzmp5FMBDm__u4UomCYFDLDD7G09zNPnA@mail.gmail.com> <17353_1644562189_6206070D_17353_218_1_787AE7BB302AE849A7480A190F8B93303549155E@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <CAA8pjUMeu0apgO6BZ0h2gq7x+KsOg0GOSH_SnznkRh1hNNuGgQ@mail.gmail.com>
In-Reply-To: <CAA8pjUMeu0apgO6BZ0h2gq7x+KsOg0GOSH_SnznkRh1hNNuGgQ@mail.gmail.com>
From: H Y <yuuhei.hayashi@gmail.com>
Date: Fri, 11 Feb 2022 17:00:56 +0900
Message-ID: <CAA8pjUOV=KLgmFxqeSA5dASrT2msWyu4T9Mvi3tzqruR-uEFvQ@mail.gmail.com>
To: Mohamed Boucadair <mohamed.boucadair@orange.com>, "dots@ietf.org" <dots@ietf.org>
Cc: "dots-chairs@ietf.org" <dots-chairs@ietf.org>, Valery Smyslov <valery@smyslov.net>, "draft-ietf-dots-telemetry-use-cases@ietf.org" <draft-ietf-dots-telemetry-use-cases@ietf.org>
Content-Type: multipart/mixed; boundary="000000000000e1a33705d7b9774c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/RXri4KPPLqe7iiSkUp9UVGssfXk>
Subject: Re: [Dots] WGLC for draft-ietf-dots-telemetry-use-cases-04
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Feb 2022 08:01:13 -0000

Hi Med, All,

I updated the draft and submitted it as 06.

>You may consider removing them but add some text to recall the attack mapping over the data channel.
I removed the "attack-description" in signal channel but add some
mapping in data channel.

Thanks,
Yuhei

2022年2月11日(金) 16:40 H Y <yuuhei.hayashi@gmail.com>:
>
> Hi Med,
>
> I got it. I misunderstood the way to use "attack-description".
>
> >You may consider removing them but add some text to recall the attack mapping over the data channel.
> I will remove the "attack-description".
>
> Thanks,
> Yuhei
>
> 2022年2月11日(金) 15:49 <mohamed.boucadair@orange.com>:
> >
> > Hi Yuhei,
> >
> > One quick comment about:
> >
> > ==
> >             "attack-description": "DNS amplification Attack: This attack is a type of reflection attack in which attackers spoofes a target's IP address. The attackers abuses vulnerbilities in DNS servers to turn small queries into larger payloads."
> > ==
> >
> > and
> >
> > ==
> >             "attack-description":"NTP amplification Attack: This attack is a type of reflection attack in which attackers spoofes a target's IP address. The attackers abuses vulnerbilities in NTP servers to turn small queries into larger payloads."
> > ==
> >
> > Please note that the telemetry spec says the following:
> >
> >    When conveying attack details in DOTS telemetry messages (Sections
> >    8.2, 8.3, and 9), DOTS agents MUST NOT include the 'attack-
> >    description' attribute unless the corresponding attack mapping
> >    details were not previously shared with the peer DOTS agent.
> >
> > So, the text should explain why "attack-description" attributes are present in the example.
> >
> > You may consider removing them but add some text to recall the attack mapping over the data channel.
> >
> > Thank you.
> >
> > Cheers,
> > Med
> >
> > > -----Message d'origine-----
> > > De : Dots <dots-bounces@ietf.org> De la part de H Y
> > > Envoyé : vendredi 11 février 2022 05:16
> > > À : dots@ietf.org
> > > Cc : dots-chairs@ietf.org; Valery Smyslov <valery@smyslov.net>;
> > > BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>; draft-ietf-
> > > dots-telemetry-use-cases@ietf.org
> > > Objet : Re: [Dots] WGLC for draft-ietf-dots-telemetry-use-cases-04
> > >
> > > Hi all,
> > >
> > > We modified some nits and upload as 05. We will add some description to
> > > clarify our use cases.
> > >
> > > Comments are welcome.
> > >
> > > Thanks,
> > > Yuhei
> > >
> > > 2022年2月9日(水) 23:34 H Y <yuuhei.hayashi@gmail.com>:
> > > >
> > > > Hi Med,
> > > >
> > > > Thank you for your comments and suggestions.
> > > >
> > > > I will revise the draft in a few days.
> > > >
> > > > Thanks,
> > > > Yuhei
> > > >
> > > > 2022年2月9日(水) 22:59 <mohamed.boucadair@orange.com>:
> > > > >
> > > > > Hi Valery, all,
> > > > >
> > > > > I support advancing this document, but I think a revised version is
> > > needed.
> > > > >
> > > > > FWIW, some comments and suggestions can be found at:
> > > > > * pdf:
> > > > > https://raw.githubusercontent.com/boucadair/IETF-Drafts-Reviews/mast
> > > > > er/draft-ietf-dots-telemetry-use-cases-04-rev%20Med.pdf
> > > > > * doc:
> > > > > https://github.com/boucadair/IETF-Drafts-Reviews/raw/master/draft-ie
> > > > > tf-dots-telemetry-use-cases-04-rev%20Med.doc
> > > > >
> > > > > Cheers,
> > > > > Med
> > > > >
> > > > > > -----Message d'origine-----
> > > > > > De : Dots <dots-bounces@ietf.org> De la part de Valery Smyslov
> > > > > > Envoyé : mercredi 9 février 2022 12:28 À : dots@ietf.org Cc :
> > > > > > dots-chairs@ietf.org; draft-ietf-dots-telemetry-use-cases@ietf.org
> > > > > > Objet : [Dots] WGLC for draft-ietf-dots-telemetry-use-cases-04
> > > > > >
> > > > > > Hi,
> > > > > >
> > > > > > this message starts a two-week working group last call for
> > > > > > draft-ietf- dots-telemetry-use-cases-04.
> > > > > > The WGLC will end on Thursday, February 24. Please, review the
> > > > > > draft and send your comments to the mailing list.
> > > > > >
> > > > > > Regards,
> > > > > > Frank & Valery.
> > > > > >
> > > > > > _______________________________________________
> > > > > > Dots mailing list
> > > > > > Dots@ietf.org
> > > > > > https://www.ietf.org/mailman/listinfo/dots
> > > > >
> > > > > ____________________________________________________________________
> > > > > _____________________________________________________
> > > > >
> > > > > Ce message et ses pieces jointes peuvent contenir des informations
> > > > > confidentielles ou privilegiees et ne doivent donc pas etre
> > > > > diffuses, exploites ou copies sans autorisation. Si vous avez recu
> > > > > ce message par erreur, veuillez le signaler a l'expediteur et le
> > > detruire ainsi que les pieces jointes. Les messages electroniques etant
> > > susceptibles d'alteration, Orange decline toute responsabilite si ce
> > > message a ete altere, deforme ou falsifie. Merci.
> > > > >
> > > > > This message and its attachments may contain confidential or
> > > > > privileged information that may be protected by law; they should not
> > > be distributed, used or copied without authorisation.
> > > > > If you have received this email in error, please notify the sender
> > > and delete this message and its attachments.
> > > > > As emails may be altered, Orange is not liable for messages that
> > > have been modified, changed or falsified.
> > > > > Thank you.
> > > > >
> > > >
> > > >
> > > > --
> > > > ----------------------------------
> > > > Yuuhei HAYASHI
> > > > 08065300884
> > > > yuuhei.hayashi@gmail.com
> > > > iehuuy_0220@docomo.ne.jp
> > > > ----------------------------------
> > >
> > >
> > >
> > > --
> > > ----------------------------------
> > > Yuuhei HAYASHI
> > > 08065300884
> > > yuuhei.hayashi@gmail.com
> > > iehuuy_0220@docomo.ne.jp
> > > ----------------------------------
> >
> > _________________________________________________________________________________________________________________________
> >
> > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
> > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
> > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
> > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
> >
> > This message and its attachments may contain confidential or privileged information that may be protected by law;
> > they should not be distributed, used or copied without authorisation.
> > If you have received this email in error, please notify the sender and delete this message and its attachments.
> > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
> > Thank you.
> >
>
>
> --
> ----------------------------------
> Yuuhei HAYASHI
> 08065300884
> yuuhei.hayashi@gmail.com
> iehuuy_0220@docomo.ne.jp
> ----------------------------------



-- 
----------------------------------
Yuuhei HAYASHI
08065300884
yuuhei.hayashi@gmail.com
iehuuy_0220@docomo.ne.jp
----------------------------------

v2.23.0 | Report a Bug | By Email