IETF Logo Mail Archive

Re: [Dots] Mirja Kühlewind's Discuss on draft-ietf-dots-requirements-18: (with DISCUSS and COMMENT)

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Thu, 21 February 2019 14:03 UTC

Return-Path: <TirumaleswarReddy_Konda@mcafee.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FDB1131064; Thu, 21 Feb 2019 06:03:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.801
X-Spam-Level:
X-Spam-Status: No, score=-2.801 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_SORBS_WEB=1.5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d6qN22gFC3UN; Thu, 21 Feb 2019 06:03:56 -0800 (PST)
Received: from DNVWSMAILOUT1.mcafee.com (dnvwsmailout1.mcafee.com [161.69.31.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99E4B13109B; Thu, 21 Feb 2019 06:03:54 -0800 (PST)
X-NAI-Header: Modified by McAfee Email Gateway (5500)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=s_mcafee; t=1550757698; h=From: To:CC:Subject:Thread-Topic:Thread-Index:Date: Message-ID:References:In-Reply-To:Accept-Language: Content-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: dlp-product:dlp-version:dlp-reaction:authentication-results: x-originating-ip:x-ms-publictraffictype:x-ms-office365-filtering-correlation-id: x-microsoft-antispam:x-ms-traffictypediagnostic: x-microsoft-exchange-diagnostics:x-microsoft-antispam-prvs: x-forefront-prvs:x-forefront-antispam-report: received-spf:x-ms-exchange-senderadcheck:x-microsoft-antispam-message-info: Content-Type:Content-Transfer-Encoding:MIME-Version: X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-CrossTenant-mailboxtype: X-MS-Exchange-Transport-CrossTenantHeadersStamped: X-OriginatorOrg:X-NAI-Spam-Flag:X-NAI-Spam-Level: X-NAI-Spam-Threshold:X-NAI-Spam-Score:X-NAI-Spam-Version; bh=n1TTVeZ2beGVJSnkGHSTnqpl8b+1zjzZYozQla l5ECM=; b=mO/kpkm7383AYTt2NzDtVRvT7fL4y2RIAb0QHg2M /+WACbFWIA4of9RWGqI6+bprcgDCBVzN1yYHhfBAnHR+hRlLx/ yB8FNTf3jY281NAw7ftYRlybQckwvndSgdzwn9hWTFoQzVKnzb Z0N720tly91a+ew8af2lvs5Gu43Uyfk=
Received: from DNVEXAPP1N05.corpzone.internalzone.com (DNVEXAPP1N05.corpzone.internalzone.com [10.44.48.89]) by DNVWSMAILOUT1.mcafee.com with smtp (TLS: TLSv1/SSLv3,256bits,ECDHE-RSA-AES256-SHA384) id 5b68_186f_d829f995_ee5a_4e0a_b183_a142cacd760f; Thu, 21 Feb 2019 07:01:37 -0700
Received: from DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) by DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Thu, 21 Feb 2019 07:03:02 -0700
Received: from DNVO365EDGE1.corpzone.internalzone.com (10.44.176.66) by DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Thu, 21 Feb 2019 07:03:02 -0700
Received: from NAM05-BY2-obe.outbound.protection.outlook.com (10.44.176.243) by edge.mcafee.com (10.44.176.66) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Thu, 21 Feb 2019 07:03:00 -0700
Received: from BYAPR16MB2790.namprd16.prod.outlook.com (20.178.233.91) by BYAPR16MB2552.namprd16.prod.outlook.com (20.177.225.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1622.19; Thu, 21 Feb 2019 14:03:00 +0000
Received: from BYAPR16MB2790.namprd16.prod.outlook.com ([fe80::9c48:452b:e39c:ef39]) by BYAPR16MB2790.namprd16.prod.outlook.com ([fe80::9c48:452b:e39c:ef39%2]) with mapi id 15.20.1622.020; Thu, 21 Feb 2019 14:03:00 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: "Mirja Kuehlewind (IETF)" <ietf@kuehlewind.net>
CC: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, "Teague, Nik" <nteague@Verisign.com>, "dots-chairs@ietf.org" <dots-chairs@ietf.org>, "frank.xialiang@huawei.com" <frank.xialiang@huawei.com>, "dots@ietf.org" <dots@ietf.org>, The IESG <iesg@ietf.org>, "draft-ietf-dots-requirements@ietf.org" <draft-ietf-dots-requirements@ietf.org>
Thread-Topic: [Dots] Mirja Kühlewind's Discuss on draft-ietf-dots-requirements-18: (with DISCUSS and COMMENT)
Thread-Index: AQHUyesDP1CNrYXQskG52S/8z8vxv6XqQ+wA
Date: Thu, 21 Feb 2019 14:02:59 +0000
Message-ID: <BYAPR16MB279031D6757223953D3FFA04EA7E0@BYAPR16MB2790.namprd16.prod.outlook.com>
References: <155068522853.31498.10686203344983870104.idtracker@ietfa.amsl.com> <787AE7BB302AE849A7480A190F8B93302EA23122@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <66BB8E3D-DEB6-43AC-AAEB-B6EB1A248865@kuehlewind.net> <5CE85A1F-16DC-485C-BA5F-278E0E8CFF3C@Verisign.com> <3089053C-CF9B-491A-ACB0-0BC053C50E88@kuehlewind.net> <787AE7BB302AE849A7480A190F8B93302EA232C1@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <BYAPR16MB2790CD35599D350A706FCD62EA7E0@BYAPR16MB2790.namprd16.prod.outlook.com> <E97DF3BB-6A6E-4137-81D7-F1D23DCAF4EB@kuehlewind.net>
In-Reply-To: <E97DF3BB-6A6E-4137-81D7-F1D23DCAF4EB@kuehlewind.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.2.0.6
dlp-reaction: no-action
authentication-results: spf=none (sender IP is ) smtp.mailfrom=TirumaleswarReddy_Konda@McAfee.com;
x-originating-ip: [122.171.76.178]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8e759a34-1c3c-41ff-2fd0-08d6980549db
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:BYAPR16MB2552;
x-ms-traffictypediagnostic: BYAPR16MB2552:
x-microsoft-exchange-diagnostics: 1;BYAPR16MB2552;23:49cWCJvgxNxF2pLNBUTXGvzHqONBW0N6t5ellousNpySfo9vBdDCvr24tEYCnEgtYYSx4BmqwyExdgjohnyrrfouJibcX8XrYNzr6nou28rpvfU5gOXf3Vx4XDyBoVyrO74Buuq7gEN0wdw+/v/UgXrxEAKe2tVbDkdSjqyhcrqg55jlWJawQGB69+o9rb98X6m6pEVIutzV+CL7mXWdrpUT5kFQDlho1moCCsIRj9feHkIT/crnUT/4EgxEV3r8TysLBWcDyYY9sEcaqvW34s146uzhztyhLuo72YsS6iUoi8R7tpY4gdbCo2/LPrvui/nm+Mpz0CQJdErMiNPuwkbbKkWIWQ29LPSiIRU3buuccn4ZZvWE+C93i8TGb9yBdKD+LqhrsHall8RHcwRswPQEajMESZyFSKDxqEk4hA6D10tCGJRfhcl+Z0X6U7i8yIkhPx1oqlgMDtiH69r5puSHyNvT/2ncV7yXi+UGL7DG4kdek86F73OXjy4E8mOA9dcnEZacJfyzpt39xj9HG0LU2MWPOZwZm/Yj/eeDLAfVAD7JwZaGwPlOslgKfgV6rD6iHgB50ZAK2wDAuUEtc05Xtw+pq37iDFwVDG8gOunZ7ojT5PlxboRobbgcftDdBEGiWvDf6vyjoHw+nGD5UFFTpZrKoOj5QGr6e452q39CX+w2Zq24E8MgnnQ8l/kx84jqR1mtztKqQKRm5Tbn5y9+/R1M/gIpXYj0XozV5aRga8JFxwxuRYke31y9tS0iugLYs47PTwsC3x7cGY6m5IDlOm1wzkABpHkK8GScce+LwN0k0+pwMsWalo16wcY18t/IjisUQ1o6AJMQV1US4eH3IcXxySbvuoP1GKvG6xAw8rjOqJdORl3K2VxDqUzAMpuseIsZGNEjxoXfDYjUW1UA6mH+FcF6Y6vQLhLquZJo8iLMbuZM7cPrIrLU4qCT8a3TICHmfEmhogHYtS64uZeS0lmBsT/SbrFVy4vcRlPMgqHFohdk8daFmw21kaXYTwNrooLVnpZIA++z5ol0b60I9S6kgY79tBcB2uoruCMLmWAkiYVnXJ5U/7z1yTvS9h+TD44ECFDOE7SRdnaIBS22PHHPMQthEI/3dgzTiSEcDg/gwrfEa84F3H6+RGi3GXqvHJkEJ/BSbbAcI9degbtrgiU22ZT7iJMa3Rr56iiPLbIQpBXnAEgTlh3Y62JhIpeCIyxw3cELdxX9bs1yNuFUoDNu4zXt4mqOUD7P4Wso5FgANovFsUUEXCBACyYSveST5XvJOvuYI9mxA5ABsMh3hctW3wnmNBVgM4NH9TabzURgkbI6tuU1F8MFb8yYUO4jd/oRJ5+Q+ZWPhtOhgA+g84i4iAeMDcSAVrK+oNshJ9r6OJiuNwxV+LDGe51+6a4IiVy0Gpea+Q5XkJ4TbmwJMhXnWtkXtP6jtLZo8ec=
x-microsoft-antispam-prvs: <BYAPR16MB255229D71AE79ADF4C268EE2EA7E0@BYAPR16MB2552.namprd16.prod.outlook.com>
x-forefront-prvs: 09555FB1AD
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(366004)(396003)(39860400002)(346002)(136003)(32952001)(13464003)(55784004)(189003)(199004)(53936002)(6916009)(229853002)(25786009)(5660300002)(68736007)(55016002)(9686003)(224303003)(26005)(106356001)(97736004)(4326008)(11346002)(6506007)(53546011)(6246003)(105586002)(80792005)(486006)(186003)(72206003)(478600001)(76176011)(33656002)(2906002)(102836004)(14454004)(446003)(6436002)(476003)(66066001)(305945005)(78486014)(71190400001)(316002)(81156014)(86362001)(93886005)(81166006)(54906003)(71200400001)(99286004)(6116002)(8936002)(5024004)(66574012)(7736002)(74316002)(256004)(7696005)(14444005)(3846002)(85282002); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR16MB2552; H:BYAPR16MB2790.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: McAfee.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: rFtlqEMDgVGsGqm+VXbhOiFDxQ/pVDj5Cf9sRcqCvXqJI97jELhQbwTbSZdrkeAmGHm+R4hGSTvMaNNgXXaIIsyW/kuojMxHtZ1KdIfZJTxsmU9WgxiCBuNucgxG5vxVrwSGw/Qwhk5bfqWViyJwHQy6BtrvCgPIfu0A7RW5mNZerLoNkTcxR7d5ZBS/uWmaOK64nS3DatFzyDjzrhiDwmC/VeZr39v9Ax/Y6YkOi7oHKZMoXF2GwWPhq2ILDfJAn0F5iXnBAJRs8bsigS8wbZL8zR2buvBH/IjeJbZpWRSFDOryII6qVWDZtTRGyxpcxotD2ondITujmHwxi6Khtw+IAFzodjgUNrXTBvgJacFrUHzoCRtTUKHaNaGX6kMTfZptWwYYtGV+h4BH51Rqi3s8TxmYhEJCzDtGzCMpQ7I=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 8e759a34-1c3c-41ff-2fd0-08d6980549db
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Feb 2019 14:02:59.9622 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR16MB2552
X-OriginatorOrg: mcafee.com
X-NAI-Spam-Flag: NO
X-NAI-Spam-Level:
X-NAI-Spam-Threshold: 15
X-NAI-Spam-Score: 0.4
X-NAI-Spam-Version: 2.3.0.9418 : core <6488> : inlines <7019> : streams <1813684> : uri <2799951>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/WgwfTDOen8N8XuUvGQfWQ7tpgms>
Subject: Re: [Dots] Mirja Kühlewind's Discuss on draft-ietf-dots-requirements-18: (with DISCUSS and COMMENT)
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Feb 2019 14:04:05 -0000

> -----Original Message-----
> From: Mirja Kuehlewind (IETF) <ietf@kuehlewind.net>
> Sent: Thursday, February 21, 2019 7:10 PM
> To: Konda, Tirumaleswar Reddy <TirumaleswarReddy_Konda@McAfee.com>
> Cc: mohamed.boucadair@orange.com; Teague, Nik <nteague@Verisign.com>;
> dots-chairs@ietf.org; frank.xialiang@huawei.com; dots@ietf.org; The IESG
> <iesg@ietf.org>; draft-ietf-dots-requirements@ietf.org
> Subject: Re: [Dots] Mirja Kühlewind's Discuss on draft-ietf-dots-requirements-
> 18: (with DISCUSS and COMMENT)
> 
> This email originated from outside of the organization. Do not click links or
> open attachments unless you recognize the sender and know the content is safe.
> 
> Hi Tiru,
> 
> please see below.
> 
> > Am 21.02.2019 um 14:03 schrieb Konda, Tirumaleswar Reddy
> <TirumaleswarReddy_Konda@McAfee.com>:
> >
> >> -----Original Message-----
> >> From: mohamed.boucadair@orange.com
> <mohamed.boucadair@orange.com>
> >> Sent: Thursday, February 21, 2019 5:55 PM
> >> To: Mirja Kuehlewind (IETF) <ietf@kuehlewind.net>; Teague, Nik
> >> <nteague@Verisign.com>
> >> Cc: dots-chairs@ietf.org; frank.xialiang@huawei.com; dots@ietf.org;
> >> The IESG <iesg@ietf.org>; draft-ietf-dots-requirements@ietf.org
> >> Subject: RE: Re: [Dots] Mirja Kühlewind's Discuss on draft-ietf-dots-
> >> requirements-18: (with DISCUSS and COMMENT)
> >>
> >> This email originated from outside of the organization. Do not click
> >> links or open attachments unless you recognize the sender and know the
> content is safe.
> >>
> >> Re-,
> >>
> >> Please see inline.
> >>
> >> Cheers,
> >> Med
> >>
> >>> -----Message d'origine-----
> >>> De : Mirja Kuehlewind (IETF) [mailto:ietf@kuehlewind.net] Envoyé :
> >>> jeudi 21 février 2019 12:42 À : Teague, Nik Cc : BOUCADAIR Mohamed
> >>> TGI/OLN; dots-chairs@ietf.org; frank.xialiang@huawei.com;
> >>> dots@ietf.org; The IESG; draft-ietf-dots- requirements@ietf.org
> >>> Objet
> >>> : Re: Re: [Dots] Mirja Kühlewind's Discuss on draft-ietf-dots-
> >>> requirements-18: (with DISCUSS and COMMENT)
> >>>
> >>> Hi,
> >>>
> >>> please see below.
> >>>
> >>>> Am 21.02.2019 um 12:18 schrieb Teague, Nik <nteague@Verisign.com>:
> >>>>
> >>>> Hi,
> >>>>
> >>>>
> >>>> On 21 Feb 2019, at 10:58, Mirja Kuehlewind (IETF)
> >>>> <ietf@kuehlewind.net>
> >>> wrote:
> >>>>
> >>>>>>> 3) In SIG-006 you say:
> >>>>>>> "      Due to the higher likelihood of packet loss during a DDoS attack,
> >>>>>>>   DOTS servers MUST regularly send mitigation status to authorized
> >>>>>>>   DOTS clients which have requested and been granted mitigation,
> >>>>>>>   regardless of client requests for mitigation status."
> >>>>>>>
> >>>>>>> Please note that this is only true if a not-reliable transport is used.
> >>> If a
> >>>>>>> reliable transport is used, data is received at the application
> >>>>>>> level
> >>> without
> >>>>>>> loss (but maybe some delay) or the connection is terminated (if
> >>>>>>> loss is
> >>> too
> >>>>>>> high to retransmit successfully).
> >>>>>>>
> >>>>>>
> >>>>>> [Med] The requirement as worded is OK.
> >>>>>
> >>>>> I disagree, because as I said if a reliable transport is used this
> >>>>> is not
> >>> true. Maybe you can adapt this sentence slightly to clarify that you
> >>> probably had a scenario in mind where an unreliable transport is
> >>> used
> >>>>
> >>>> The key part here is ‘packet’ vs ‘data’ - packets will be lost on
> >>>> congested
> >>> links regardless of data integrity.  This may degrade connection re-
> >>> establishment with tcp and cause data loss in an unreliable transport.
> >>>
> >>> Yes, packet loss also occurs also with reliable transports and might
> >>> lead to connection failure. However, I don’t this how this
> >>> requirement is derived from that effect. If I use a reliable
> >>> transport and my connection does not fail, I can be sure that the
> >>> mitigation status information have been received correctly, so why
> >>> do I need to re-send
> >> frequently then?
> >>
> >> [Med] The text you quoted is not about "frequent retransmission" but
> >> about sending updates related to the status of a mitigation in
> >> progress. The server has to send regular notifications to update the
> >> client about the status of a mitigation.
> >
> > I have modified the text as follows to address the comment:
> >
> > DOTS server MUST regularly send mitigation status updates to authorized
> DOTS clients which have requested and been granted mitigation. If unreliable
> transport is used for the signal channel protocol, due to the higher likelihood of
> packet loss during a DDoS attack, DOTS server MUST regularly retransmit
> mitigation status.
> 
> Thanks! One wording comment, unless I misunderstood something, I don’t think
> there is any kind of acknowledgment mechanism when unreliable transport is
> used. There the use of the word „retransmit“ seems irritating here. Do you
> maybe want to say something like this:
> 
> "DOTS server MUST regularly send mitigation status updates to authorized
> DOTS clients which have requested and been granted mitigation. If unreliable
> transport is used for the signal channel protocol, due to the higher likelihood of
> packet loss during a DDoS attack, DOTS server SHOULD send mitigation status
> updates more frequently.“

The updated mitigation status needs to be sent multiple times to increase the likeliness of the message reaching the client, and any specific reason for using SHOULD instead of MUST. I propose the following update: 
DOTS server MUST regularly send mitigation status updates to authorized DOTS clients which have requested and been granted mitigation. If unreliable transport is used for the signal channel protocol, due to the higher likelihood of packet loss during a DDoS attack, DOTS server MUST send mitigation status multiple times at regular intervals following the data transmission guidelines discussed in Section 3.1.3 of [RFC8085].

-Tiru

> 
> ?
> 
> Mirja
> 
> 
> 
> >
> > -Tiru
> >
> >>
> >>>
> >>> Mirja
> >>>
> >>>
> >>>
> >

v2.23.0 | Report a Bug | By Email