Re: [Dots] Tsvart last call review of draft-ietf-dots-signal-channel-31

<> Mon, 01 April 2019 06:55 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1E88C120094; Sun, 31 Mar 2019 23:55:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id IuNV7xsIPYCS; Sun, 31 Mar 2019 23:55:21 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7F00112006B; Sun, 31 Mar 2019 23:55:20 -0700 (PDT)
Received: from (unknown [xx.xx.xx.9]) by (ESMTP service) with ESMTP id 44XjlV3qffzBs57; Mon, 1 Apr 2019 08:55:18 +0200 (CEST)
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.38]) by (ESMTP service) with ESMTP id 44XjlV2XSSz5vNT; Mon, 1 Apr 2019 08:55:18 +0200 (CEST)
Received: from OPEXCAUBMA2.corporate.adroot.infra.ftgroup ([fe80::e878:bd0:c89e:5b42]) by OPEXCAUBM5C.corporate.adroot.infra.ftgroup ([fe80::393d:418c:3f1d:991d%21]) with mapi id 14.03.0439.000; Mon, 1 Apr 2019 08:55:18 +0200
To: Yoshifumi Nishida <>, "" <>
CC: "" <>, "" <>, "" <>
Thread-Topic: Tsvart last call review of draft-ietf-dots-signal-channel-31
Thread-Index: AQHU558ufntwVngg7kOH5nXz0UBFpKYmxYrw
Date: Mon, 01 Apr 2019 06:55:17 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93302EA5053A@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
References: <>
In-Reply-To: <>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [Dots] Tsvart last call review of draft-ietf-dots-signal-channel-31
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 01 Apr 2019 06:55:25 -0000

Hi Yoshi, 

Thank you for the review. 

Please see inline.


> -----Message d'origine-----
> De : Yoshifumi Nishida via Datatracker []
> Envoyé : dimanche 31 mars 2019 10:53
> À :
> Cc :;;
> Objet : Tsvart last call review of draft-ietf-dots-signal-channel-31
> Reviewer: Yoshifumi Nishida
> Review result: Almost Ready
> This document has been reviewed as part of the transport area review team's
> ongoing effort to review key IETF documents. These comments were written
> primarily for the transport area directors, but are copied to the document's
> authors and WG to allow them to address any issues raised and also to the
> discussion list for information.
> When done at the time of IETF Last Call, the authors should consider this
> review as part of the last-call comments they receive. Please always CC
> if you reply to or forward this review.
> Summary: This document is almost ready for publication, but it will be better
> to clarify the following points.
> 1:   "it is out of scope of this document to specify the behavior to be
> followed by a DOTS client to send DOTS requests when multiple
>         DOTS servers are provisioned."
>       I'm not sure why it is out of scope. Does it bring a certain
> complexities
>       to the protocol?
>      Or, does it simply mean it is up to implementations?

[Med] This is because of specific considerations such as those discussed in draft-ietf-dots-multihoming. We don't want to overload the base spec with such considerations (discussed in separate documents). The same approach is followed for server discovery (draft-ietf-dots-server-discovery). 

> 2:   "The DOTS client periodically repeats the mechanism to discover whether
> DOTS signal
>         channel messages with DTLS over UDP becomes available from the DOTS
>         server.."
>        -> Does this mean DOTS clients will not repeat this when it already
> has
>        DTLS over UDP connection?
>            What about if the client has DTLS over UDPv4? Does it try to check
>            DTLS over UDPv6? Also, is this logic MAY or SHOULD or don't want
> to
>            specify?

[Med] The client will retry when the cache flushes out:

   Note that the DOTS client after successfully establishing a
   connection MUST cache information regarding the outcome of each
   connection attempt for a specific time period, and it uses that
   information to avoid thrashing the network with subsequent attempts.

No restriction is called out in that text. 

The text you quoted is referring to the example in Figure 4. 

> 3:   "DOTS agents SHOULD follow the data transmission guidelines discussed
>         in Section 3.1.3 of [RFC8085] and control transmission behavior by
>         not sending more than one UDP datagram per round-trip time (RTT) to
>         the peer DOTS agent on average."
>       ->  How about TCP connections? 

[Med] TCP does not have the issue with non-confirmable messages. FWIW, RFC8323 states the following: 

   The request/response interaction model of CoAP over TCP is the same
   as CoAP over UDP.  The primary differences are in the message layer.
   The message layer of CoAP over UDP supports optional reliability by
   defining four types of messages: Confirmable, Non-confirmable,
   Acknowledgment, and Reset.


   Since TCP eliminates the need for the message layer to support
   reliability, CoAP over reliable transports does not support
   Confirmable or Non-confirmable message types.

Do they need a similar principle such as
>       limiting window size?
> Thanks,
> --
> Yoshi