Re: [Dots] FW: New Version Notification for draft-reddy-dots-telemetry-02.txt
"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Thu, 12 September 2019 13:39 UTC
Return-Path: <tirumaleswarreddy_konda@mcafee.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 517B7120089 for <dots@ietfa.amsl.com>; Thu, 12 Sep 2019 06:39:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DUoXqNWXXyFk for <dots@ietfa.amsl.com>; Thu, 12 Sep 2019 06:39:27 -0700 (PDT)
Received: from us-smtp-delivery-140.mimecast.com (us-smtp-delivery-140.mimecast.com [63.128.21.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6B9E12007C for <dots@ietf.org>; Thu, 12 Sep 2019 06:39:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=mimecast20190606; t=1568295566; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=593p8I25w+ealeEH/jtWjD4zALrLAbjV9a7kb/IcGUI=; b=N6mC6J/tw3e4pHqS68ukQvecsM/IqSjb1TNCk/ExQpNeTZYl7BwWXXPUCwKFochNJwqGsJ hyGGg0CEDiZwecFDNuwb5ci4oVb+CrNSRlK+mCyqsmcIn7r4PsQruT4PkpZVV0NBPE1efT Ftkbn1FbNf8Rv03v1bWVrvyYFqO7EpY=
Received: from NAM05-DM3-obe.outbound.protection.outlook.com (mail-dm3nam05lp2056.outbound.protection.outlook.com [104.47.49.56]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-346-AlpNbLyOMQCxbyVLHFjFAw-1; Thu, 12 Sep 2019 09:39:23 -0400
Received: from DM5PR16MB1705.namprd16.prod.outlook.com (10.172.44.147) by DM5PR16MB1740.namprd16.prod.outlook.com (10.174.177.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2241.18; Thu, 12 Sep 2019 13:39:22 +0000
Received: from DM5PR16MB1705.namprd16.prod.outlook.com ([fe80::6478:cf1a:b35:22d1]) by DM5PR16MB1705.namprd16.prod.outlook.com ([fe80::6478:cf1a:b35:22d1%11]) with mapi id 15.20.2241.018; Thu, 12 Sep 2019 13:39:22 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: Jon Shallow <supjps-ietf@jpshallow.com>, "dots@ietf.org" <dots@ietf.org>
Thread-Topic: [Dots] FW: New Version Notification for draft-reddy-dots-telemetry-02.txt
Thread-Index: AQHVaSPwGU+amr0TH0y3YjWht+oT8acndpvQgAA6vwCAAFsPsA==
Date: Thu, 12 Sep 2019 13:39:22 +0000
Message-ID: <DM5PR16MB1705744D8F69E88B38FEAD72EAB00@DM5PR16MB1705.namprd16.prod.outlook.com>
References: <156826250811.13202.11257195174976096554.idtracker@ietfa.amsl.com> <CAFpG3gdKUqudfwn3brAjN0Cv7qhx7JSV-iXkv09E+3dVei0p1A@mail.gmail.com> <DM5PR16MB17055529AD5F77293A2740ABEAB00@DM5PR16MB1705.namprd16.prod.outlook.com> <002301d56941$d1616770$74243650$@jpshallow.com>
In-Reply-To: <002301d56941$d1616770$74243650$@jpshallow.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.3.0.17
dlp-reaction: no-action
x-originating-ip: [49.37.200.38]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a4215b09-7285-4f21-d880-08d737869eb9
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600166)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:DM5PR16MB1740;
x-ms-traffictypediagnostic: DM5PR16MB1740:
x-ms-exchange-purlcount: 8
x-microsoft-antispam-prvs: <DM5PR16MB1740AA652C94F605871FB65DEAB00@DM5PR16MB1740.namprd16.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 01583E185C
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(136003)(376002)(346002)(366004)(39860400002)(189003)(199004)(22974007)(32952001)(71190400001)(5024004)(236005)(81166006)(2420400007)(966005)(102836004)(54896002)(71200400001)(486006)(99286004)(476003)(76116006)(110136005)(7696005)(76176011)(2501003)(80792005)(606006)(5660300002)(66574012)(55016002)(446003)(26005)(14444005)(11346002)(186003)(6436002)(7736002)(6306002)(53546011)(53386004)(33656002)(53936002)(7110500001)(316002)(14454004)(8676002)(478600001)(6506007)(8936002)(64756008)(66446008)(25786009)(2906002)(66946007)(66556008)(74316002)(66476007)(229853002)(9686003)(15650500001)(86362001)(256004)(790700001)(52536014)(3846002)(6116002)(81156014)(6246003)(66066001)(85282002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR16MB1740; H:DM5PR16MB1705.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: jLQM+KPsOWUU6mW2/GvB3/ROfPv7sIdeYp6ftGNk+51l80VbuY2UOa1L6+LSvSntrRUNBUX3UpcI9g0sEMUwI99JD/DH1mAUGT42IH+3yiN5E/MiqwMZZDmNyKWCuHh8YKZPVdrm8HVJfhe6eGOdIourjFIRmPWCYQ1NO50AkaRJSThA+HYKiOrT37Z11Y8IZ+yCH+rmNOjyS4fOtNxKnqEOygOBmsCEcUB0E1slLKMXmWOAS9BPvLkzZgCXS+1s7tpNuKha/nyeMFb101KO7rTGFcceYvkkV/xJwP/8AhZirZg/6gW18G8CT4iM7MbKNr2Mmea01Bovfgfcda7FAYu1tbMIG5QlepJ/s9r4EYhPmf6HtVoxnONLHoQNHDfkH/tkzDNf/ml6mHHBHdo9PyNSjE94ZGiTSYDUaoixAhg=
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: mcafee.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a4215b09-7285-4f21-d880-08d737869eb9
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Sep 2019 13:39:22.2840 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: AznglYpsyvKzcnOXZAolQceHnF6yzckVgUfA1sqUv7SmXJKJBDLm3nHzbuuCrLi3qGd1CXOooxQXo0QXeIWm3PFgPduuBbyXqWnT8eITbso8BFdniGwnXlnrJS4Qwvsj
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR16MB1740
X-MC-Unique: AlpNbLyOMQCxbyVLHFjFAw-1
X-Mimecast-Spam-Score: 0
Content-Type: multipart/alternative; boundary="_000_DM5PR16MB1705744D8F69E88B38FEAD72EAB00DM5PR16MB1705namp_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/WFtHzQbdegBloYrxuB2pbrsaavU>
Subject: Re: [Dots] FW: New Version Notification for draft-reddy-dots-telemetry-02.txt
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Sep 2019 13:39:30 -0000
Thanks Jon, updated “start-time” and “end-time” to be consistent with the “mitigation-start” in my local copy. -Tiru From: Jon Shallow <supjps-ietf@jpshallow.com> Sent: Thursday, September 12, 2019 1:42 PM To: Konda, Tirumaleswar Reddy <TirumaleswarReddy_Konda@McAfee.com>; dots@ietf.org Subject: RE: [Dots] FW: New Version Notification for draft-reddy-dots-telemetry-02.txt CAUTION: External email. Do not click links or open attachments unless you recognize the sender and know the content is safe. ________________________________ Hi Tiru, It is looking good. However, we are not consistent in the usage of “mitigation-start” in the signal draft and “start-time” where time is represented differently in the usage of uint64 which may cause some downstream confusion. I actually prefer (the granularity of) the “start-time” format, but am unsure as to how you would define this in YANG. Regards Jon From: Dots [mailto: dots-bounces@ietf.org<mailto:dots-bounces@ietf.org>] On Behalf Of Konda, Tirumaleswar Reddy Sent: 12 September 2019 05:55 To: dots@ietf.org<mailto:dots@ietf.org> Subject: [Dots] FW: New Version Notification for draft-reddy-dots-telemetry-02.txt This revision https://tools.ietf.org/html/draft-reddy-dots-telemetry-02 addresses comments from Kaname, Jon, Wei Pan and Yuuhei Hayashi. Major changes are listed below: a. Added path-suffix ‘telemetry’ to from the URI to signal DOTS telemetry b. Added attributes useful to detect resource-based DDoS attacks c. Attack details can be signaled from the DOTS client to server and vice-versa. d. Added several new attributes for attack details including top talkers. Comments and suggestions are welcome. -Tiru ---------- Forwarded message --------- From: <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>> Date: Thu, 12 Sep 2019 at 09:58 Subject: New Version Notification for draft-reddy-dots-telemetry-02.txt To: Tirumaleswar Reddy <kondtir@gmail.com<mailto:kondtir@gmail.com>>, Ehud Doron <ehudd@radware.com<mailto:ehudd@radware.com>>, Mohamed Boucadair <mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com>> A new version of I-D, draft-reddy-dots-telemetry-02.txt has been successfully submitted by Tirumaleswar Reddy and posted to the IETF repository. Name: draft-reddy-dots-telemetry Revision: 02 Title: Distributed Denial-of-Service Open Threat Signaling (DOTS) Telemetry Document date: 2019-09-12 Group: Individual Submission Pages: 16 URL: https://www.ietf.org/internet-drafts/draft-reddy-dots-telemetry-02.txt Status: https://datatracker.ietf.org/doc/draft-reddy-dots-telemetry/ Htmlized: https://tools.ietf.org/html/draft-reddy-dots-telemetry-02 Htmlized: https://datatracker.ietf.org/doc/html/draft-reddy-dots-telemetry Diff: https://www.ietf.org/rfcdiff?url2=draft-reddy-dots-telemetry-02 Abstract: This document aims to enrich DOTS signal channel protocol with various telemetry attributes allowing optimal DDoS attack mitigation. This document specifies the normal traffic baseline and attack traffic telemetry attributes a DOTS client can convey to its DOTS server in the mitigation request, the mitigation status telemetry attributes a DOTS server can communicate to a DOTS client, and the mitigation efficacy telemetry attributes a DOTS client can communicate to a DOTS server. The telemetry attributes can assist the mitigator to choose the DDoS mitigation techniques and perform optimal DDoS attack mitigation. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>. The IETF Secretariat
- [Dots] FW: New Version Notification for draft-red… Konda, Tirumaleswar Reddy
- Re: [Dots] FW: New Version Notification for draft… Jon Shallow
- Re: [Dots] FW: New Version Notification for draft… Konda, Tirumaleswar Reddy
- Re: [Dots] New Version Notification for draft-red… Panwei (William)
- Re: [Dots] New Version Notification for draft-red… Konda, Tirumaleswar Reddy