Re: [Dots] TR: New Version Notification for draft-nishizuka-dots-signal-control-filtering-02.txt
<mohamed.boucadair@orange.com> Fri, 15 February 2019 07:42 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87910128B14 for <dots@ietfa.amsl.com>; Thu, 14 Feb 2019 23:42:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lipaPK6h1T2e for <dots@ietfa.amsl.com>; Thu, 14 Feb 2019 23:42:10 -0800 (PST)
Received: from orange.com (mta134.mail.business.static.orange.com [80.12.70.34]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 268351200B3 for <dots@ietf.org>; Thu, 14 Feb 2019 23:42:10 -0800 (PST)
Received: from opfednr07.francetelecom.fr (unknown [xx.xx.xx.71]) by opfednr25.francetelecom.fr (ESMTP service) with ESMTP id 4414wJ45gxzCrGM; Fri, 15 Feb 2019 08:42:08 +0100 (CET)
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.48]) by opfednr07.francetelecom.fr (ESMTP service) with ESMTP id 4414wJ3cWTzFpWj; Fri, 15 Feb 2019 08:42:08 +0100 (CET)
Received: from OPEXCAUBMA2.corporate.adroot.infra.ftgroup ([fe80::e878:bd0:c89e:5b42]) by OPEXCAUBM32.corporate.adroot.infra.ftgroup ([fe80::81c9:5f:b9c5:1241%21]) with mapi id 14.03.0435.000; Fri, 15 Feb 2019 08:42:08 +0100
From: mohamed.boucadair@orange.com
To: Takahiko Nagata <nagata@lepidum.co.jp>, "dots@ietf.org" <dots@ietf.org>
Thread-Topic: [Dots] TR: New Version Notification for draft-nishizuka-dots-signal-control-filtering-02.txt
Thread-Index: AQHUsZSTGMTSbdBqkk2xGa77+OXjFKW5xiYAgB7w/wCAAZ29EIAGS5cA
Date: Fri, 15 Feb 2019 07:42:08 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93302EA1FB62@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
References: <154808047532.8261.13887766521569519982.idtracker@ietfa.amsl.com> <787AE7BB302AE849A7480A190F8B93302EA0AFE4@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <9a6d0548-1b2d-3837-a5d4-12490aa46e99@lepidum.co.jp> <787AE7BB302AE849A7480A190F8B93302EA1D1CA@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B93302EA1D1CA@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.247]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/Sw9uFCvRZkOK0-aQs39H6WX8dW0>
Subject: Re: [Dots] TR: New Version Notification for draft-nishizuka-dots-signal-control-filtering-02.txt
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Feb 2019 07:42:13 -0000
Hi Takahiko, The draft is updated to make this more clear. Please check -04. Cheers, Med > -----Message d'origine----- > De : Dots [mailto:dots-bounces@ietf.org] De la part de > mohamed.boucadair@orange.com > Envoyé : lundi 11 février 2019 08:40 > À : Takahiko Nagata; dots@ietf.org > Objet : Re: [Dots] TR: New Version Notification for draft-nishizuka-dots- > signal-control-filtering-02.txt > > Hi Takahiko, > > The parameters used in the initial request must be repeated in the refresh > request to modify the control filtering. > > Please note that sending only acl-list attributes in a PUT will fail because > of the checks against mandatory attributes: > > In the PUT request at least one of the attributes 'target-prefix', > 'target-fqdn','target-uri', or 'alias-name' MUST be present. > > ... > > If the request is missing a mandatory attribute, does not include > 'cuid' or 'mid' Uri-Path options, includes multiple 'scope' > parameters, or contains invalid or unknown parameters, the DOTS > server MUST reply with 4.00 (Bad Request). > > Cheers, > Med > > > -----Message d'origine----- > > De : Dots [mailto:dots-bounces@ietf.org] De la part de Takahiko Nagata > > Envoyé : dimanche 10 février 2019 08:52 > > À : dots@ietf.org > > Objet : Re: [Dots] TR: New Version Notification for draft-nishizuka-dots- > > signal-control-filtering-02.txt > > > > Hi Med, all, > > > > Thank you for updated draft. > > > > I have a question for usecase of this draft -03 specification. > > > > (Question) Would we allow using Mitigation request with > > only control-filtering attributes? > > > > This mean, PUT SignalChannel Mitigation request with > > only acl-list (without any target-xxx). > > > > Usecase: > > Only update status of DataChannel ACL during a DDoS attack. > > (If DataChannel ACL is enough for protection. ) > > > > > > Best Regards, > > Takahiko Nagata > > > > On 2019/01/21 23:25, mohamed.boucadair@orange.com wrote: > > > Hi Takahiko, > > > > > > I updated the draft to take into account your comments: > > > > > > * Make sure that by default, the data channel is used for ACL-related > > operations. > > > * No update is required to efficacy update, get, and delete. > > > > > > Please let us know if the changes addresses your comments. > > > > > > Don't hesitate to share any further comment you may have. Thanks. > > > > > > Cheers, > > > Med > > > > > >> -----Message d'origine----- > > >> De : internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] > > >> Envoyé : lundi 21 janvier 2019 15:21 > > >> À : Takahiko Nagata; Tirumaleswar Reddy; BOUCADAIR Mohamed TGI/OLN; > Reddy > > K; > > >> Kaname Nishizuka > > >> Objet : New Version Notification for draft-nishizuka-dots-signal- > control- > > >> filtering-02.txt > > >> > > >> > > >> A new version of I-D, draft-nishizuka-dots-signal-control-filtering- > 02.txt > > >> has been successfully submitted by Mohamed Boucadair and posted to the > > >> IETF repository. > > >> > > >> Name: draft-nishizuka-dots-signal-control-filtering > > >> Revision: 02 > > >> Title: Controlling Filtering Rules Using DOTS Signal Channel > > >> Document date: 2019-01-21 > > >> Group: Individual Submission > > >> Pages: 15 > > >> URL: https://www.ietf.org/internet-drafts/draft-nishizuka- > dots- > > >> signal-control-filtering-02.txt > > >> Status: https://datatracker.ietf.org/doc/draft-nishizuka-dots- > > signal- > > >> control-filtering/ > > >> Htmlized: https://tools.ietf.org/html/draft-nishizuka-dots-signal- > > >> control-filtering-02 > > >> Htmlized: https://datatracker.ietf.org/doc/html/draft-nishizuka- > > dots- > > >> signal-control-filtering > > >> Diff: https://www.ietf.org/rfcdiff?url2=draft-nishizuka-dots- > > >> signal-control-filtering-02 > > >> > > >> Abstract: > > >> This document specifies an extension to the DOTS signal channel to > > >> control the filtering rules when an attack mitigation is active. > > >> > > >> Particularly, this extension allows a DOTS client to activate or de- > > >> activate filtering rules during a DDoS attack. The characterization > > >> of these filtering rules is supposed to be conveyed by a DOTS client > > >> during peace time by means of DOTS data channel. > > >> > > >> Editorial Note (To be removed by RFC Editor) > > >> > > >> Please update these statements within the document with the RFC > > >> number to be assigned to this document: > > >> > > >> o "This version of this YANG module is part of RFC XXXX;" > > >> > > >> o "RFC XXXX: Controlling Filtering Rules Using DOTS Signal > Channel"; > > >> > > >> o reference: RFC XXXX > > >> > > >> o [RFCXXXX] > > >> > > >> Please update these statements with the RFC number to be assigned to > > >> the following documents: > > >> > > >> o "RFC SSSS: Distributed Denial-of-Service Open Threat Signaling > > >> (DOTS) Signal Channel Specification" (used to be > > >> [I-D.ietf-dots-signal-channel]) > > >> > > >> o "RFC DDDD: Distributed Denial-of-Service Open Threat Signaling > > >> (DOTS) Data Channel Specification" (used to be > > >> [I-D.ietf-dots-data-channel]) > > >> > > >> Please update the "revision" date of the YANG module. > > >> > > >> > > >> > > >> > > >> Please note that it may take a couple of minutes from the time of > > submission > > >> until the htmlized version and diff are available at tools.ietf.org. > > >> > > >> The IETF Secretariat > > > > > > > -- > > ============================= > > 株式会社レピダム > > 永田 貴彦 > > > > Mail: nagata@lepidum.co.jp > > Tel: 03-6276-5103 > > > > 〒151-0071 > > 東京都渋谷区本町3-12-1 住友不動産西新宿ビル6号館 > > ============================= > > > > _______________________________________________ > > Dots mailing list > > Dots@ietf.org > > https://www.ietf.org/mailman/listinfo/dots > _______________________________________________ > Dots mailing list > Dots@ietf.org > https://www.ietf.org/mailman/listinfo/dots
- [Dots] TR: New Version Notification for draft-nis… mohamed.boucadair
- Re: [Dots] TR: New Version Notification for draft… Takahiko Nagata
- Re: [Dots] TR: New Version Notification for draft… mohamed.boucadair
- Re: [Dots] TR: New Version Notification for draft… mohamed.boucadair