Re: [Dots] New Version Notification for draft-moskowitz-dots-ssls-02.txt

Dan Wing <dwing@cisco.com> Thu, 24 March 2016 00:59 UTC

Return-Path: <dwing@cisco.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B97C12D55F for <dots@ietfa.amsl.com>; Wed, 23 Mar 2016 17:59:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.53
X-Spam-Level:
X-Spam-Status: No, score=-14.53 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id juCSNIXHb_Lx for <dots@ietfa.amsl.com>; Wed, 23 Mar 2016 17:59:55 -0700 (PDT)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E927E12D1C1 for <dots@ietf.org>; Wed, 23 Mar 2016 17:59:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10124; q=dns/txt; s=iport; t=1458781194; x=1459990794; h=mime-version:subject:from:in-reply-to:date:cc:message-id: references:to; bh=fe4vmorYNVoiduUNHOMco7lsk0VjHY24yIKxIAu987g=; b=WcATbufhCSa0wdz4SN2QiMiUJxh01D4uTIRWsqczOXc1lI4mP4keZ1SE MPzIpLmiSbq5Lp79MGT3MkKf3TuqPRdotP7/d2fW1/t4MbzbN66wMYkxw phMqmaKm8yl0mbBExKLFVV4gC80L0Qw8K5t8wXStc/Ge5lEw/IZ98zHS7 M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BeAgDkOvNW/4kNJK1egzNTerVxhG4BDYFwFwEJhWwCgUM4FAEBAQEBAQFkJ4RBAQEBBAEBAWsJAhALDgMDAQIBJwcnHwkIBhMbiAwOwRoBAQEBAQEBAQEBAQEBAQEBAQEBAQEVhh6Bc4JRhFyDC4IrBYdchV90PYhuhXGIE4FmTYN/gwSFVI8HDw8BAUKCAByBaRwuAYoKAQEB
X-IronPort-AV: E=Sophos;i="5.24,383,1454976000"; d="scan'208,217";a="253126987"
Received: from alln-core-4.cisco.com ([173.36.13.137]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 24 Mar 2016 00:59:53 +0000
Received: from [10.24.126.45] ([10.24.126.45]) (authenticated bits=0) by alln-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id u2O0xqPB019860 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 24 Mar 2016 00:59:53 GMT
Content-Type: multipart/alternative; boundary="Apple-Mail=_085E2572-66D4-405E-BF6B-57315BE6CC5B"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Dan Wing <dwing@cisco.com>
In-Reply-To: <56F040DD.9020700@htt-consult.com>
Date: Wed, 23 Mar 2016 17:59:52 -0700
Message-Id: <2F7C780F-B325-4FAD-B46B-EBC5A97A7181@cisco.com>
References: <56F040DD.9020700@htt-consult.com>
To: Robert Moskowitz <rgm-sec@htt-consult.com>
X-Mailer: Apple Mail (2.3124)
X-Authenticated-User: dwing
Archived-At: <http://mailarchive.ietf.org/arch/msg/dots/Ve2EtIEsPcIQmvtRMugg5vrgmAY>
Cc: "dots@ietf.org" <dots@ietf.org>
Subject: Re: [Dots] New Version Notification for draft-moskowitz-dots-ssls-02.txt
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2016 00:59:58 -0000

On 21-Mar-2016 11:43 am, Robert Moskowitz <rgm-sec@htt-consult.com> wrote: 
> For my agenda item on 
> 
> Introducing session layer considerations
> 
> Please see the following draft.  There are a number of 'embedded' drafts to work through to get the whole story.  I will start a discuss on this tomorrow on the list.

If we need fragmentation support, a fragmentation layer on top of DTLS would serve us better than SSLS.  DTLS already handles fragmentation for its own handshakes (similar to IKE's RFC7383), leaving us with solving the fragmentation/reassembly. I see both draft-fossati-dtls-over-gsm-sms (expired) and draft-hartke-dice-practical-issues (expired) explored the problem and some solutions with small-MTU networks with UDP packets.

But back to requirements for a moment:  what is the minimum MTU we need DOTS signaling to be sent over?  I have always imagined we are running over the same network as the Internet-originated DoS traffic itself is originated from the Internet or from a WiFi, LTE, or Ethernet-connected device, which means the MTU is approximately 1280 bytes (considering both IPv6 minimum MTU of 1280, and the typical IPv4 MTU seen on the Internet).  But it seems draft-moskowitz-dots-ssls is anticipating using SMS for signaling.  According to draft-fossati-dtls-over-gsm-sms, SMS can do its own reassembly ("Concatenated short messages"), so for SMS it seems we (IETF) don't need to do protocol work for SMS fragmentation/reassembly.

-d

> 
> 
> 
> -------- Forwarded Message --------
> Subject:	New Version Notification for draft-moskowitz-dots-ssls-02.txt
> Date:	Mon, 21 Mar 2016 11:40:20 -0700
> From:	internet-drafts@ietf.org
> To:	Robert Moskowitz <rgm@labs.htt-consult.com>, Susan Hares <shares@ndzh.com>
> 
> A new version of I-D, draft-moskowitz-dots-ssls-02.txt
> has been successfully submitted by Robert Moskowitz and posted to the
> IETF repository.
> 
> Name:		draft-moskowitz-dots-ssls
> Revision:	02
> Title:		DOTS Secure Session Layer Services
> Document date:	2016-03-21
> Group:		Individual Submission
> Pages:		6
> URL:            https://www.ietf.org/internet-drafts/draft-moskowitz-dots-ssls-02.txt
> Status:         https://datatracker.ietf.org/doc/draft-moskowitz-dots-ssls/
> Htmlized:       https://tools.ietf.org/html/draft-moskowitz-dots-ssls-02
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-moskowitz-dots-ssls-02
> 
> Abstract:
>    This document describes using a session layer service for DOTS
>    messaging to provide secure messaging while delivering on a number of
>    DOTS requirements including avoiding fate-sharing with the underlying
>    communications.
> 
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
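As an added illustration of the "fragmentation layer on top of DTLS" Dan describes (this is example code written for this archive page; it is not from Dan's message, from draft-moskowitz-dots-ssls, or from either of the expired drafts he cites), the block below sizes application-layer fragments against the 1280-byte IPv6 minimum MTU he mentions and reassembles them on the receiving side. The 8-byte fragment header (message id, fragment index, fragment count), the 37-byte figure for DTLS record and AEAD overhead, and the bounds on pending messages are assumptions chosen for the example, not values from any draft. The reassembler handles out-of-order and duplicate fragments, discards malformed or inconsistent ones, and caps the state an unauthenticated sender can make it hold.

```python
"""Application-layer fragmentation/reassembly for DOTS-style signaling
carried in UDP datagrams over DTLS.  Constructed example; every constant
below is an assumption, not a value taken from a DOTS draft."""
import struct

IPV6_MIN_MTU = 1280        # RFC 2460/8200 minimum link MTU
IPV6_HDR = 40
UDP_HDR = 8
DTLS_OVERHEAD = 37         # assumed: 13-byte DTLS 1.2 record header + ~24 bytes AEAD nonce/tag
# Hypothetical fragment header: msg_id (uint32), frag_index (uint16), frag_count (uint16)
FRAG_HDR = struct.Struct("!IHH")


def payload_budget(mtu=IPV6_MIN_MTU):
    """Bytes of application data that fit in one fragment without IP-layer fragmentation."""
    return mtu - IPV6_HDR - UDP_HDR - DTLS_OVERHEAD - FRAG_HDR.size


def fragment(msg_id, data, mtu=IPV6_MIN_MTU):
    """Split one message into datagram payloads, each small enough for the MTU budget."""
    chunk = payload_budget(mtu)
    if chunk <= 0:
        raise ValueError("MTU too small for any payload")
    pieces = [data[i:i + chunk] for i in range(0, len(data), chunk)] or [b""]
    count = len(pieces)
    if count > 0xFFFF:
        raise ValueError("message needs more fragments than the header can count")
    return [FRAG_HDR.pack(msg_id, idx, count) + p for idx, p in enumerate(pieces)]


class Reassembler:
    """Reassembles fragments arriving in any order; bounded so a flood of
    half-finished messages cannot exhaust memory (the DoS case matters here)."""

    def __init__(self, max_pending=16, max_message=64 * 1024):
        self.max_pending = max_pending
        self.max_message = max_message
        self.pending = {}  # msg_id -> [frag_count, {index: body}]

    def receive(self, datagram):
        """Feed one datagram.  Returns (msg_id, message) when complete, else None."""
        if len(datagram) < FRAG_HDR.size:
            return None                       # malformed: too short for a header
        msg_id, idx, count = FRAG_HDR.unpack_from(datagram)
        body = datagram[FRAG_HDR.size:]
        if count == 0 or idx >= count:
            return None                       # index outside the advertised count
        entry = self.pending.get(msg_id)
        if entry is None:
            if len(self.pending) >= self.max_pending:
                # evict the oldest partial message rather than grow without bound
                self.pending.pop(next(iter(self.pending)))
            entry = self.pending[msg_id] = [count, {}]
        elif entry[0] != count:
            del self.pending[msg_id]          # sender changed its story: discard
            return None
        frags = entry[1]
        frags[idx] = body                     # duplicates simply overwrite
        if sum(len(b) for b in frags.values()) > self.max_message:
            del self.pending[msg_id]          # oversized message: discard
            return None
        if len(frags) == count:
            del self.pending[msg_id]
            return msg_id, b"".join(frags[i] for i in range(count))
        return None


if __name__ == "__main__":
    message = bytes(range(256)) * 12          # constructed 3072-byte DOTS-style message
    frags = fragment(7, message)
    r = Reassembler()
    for f in reversed(frags):                 # deliver out of order
        done = r.receive(f)
    print(len(frags), "fragments, budget", payload_budget(), "bytes, intact:", done == (7, message))
```

The per-fragment budget with these assumptions is 1187 bytes, so a 3072-byte message travels as three datagrams of at most 1195 bytes, which stays under the 1280-byte minimum once the IPv6 and UDP headers are added back. The `max_pending` and `max_message` limits are the part a defender should not skip: without them, a sender can open many message ids and never complete any of them.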