Re: [Dots] Erik Kline's No Objection on draft-ietf-dots-signal-call-home-11: (with COMMENT)

mohamed.boucadair@orange.com Thu, 17 December 2020 08:21 UTC

From: mohamed.boucadair@orange.com
To: Erik Kline <ek.ietf@gmail.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-dots-signal-call-home@ietf.org" <draft-ietf-dots-signal-call-home@ietf.org>, "dots-chairs@ietf.org" <dots-chairs@ietf.org>, "dots@ietf.org" <dots@ietf.org>, Valery Smyslov <valery@smyslov.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/ee3vq0vGwjNNZpESmYHk7e2Io7M>

Hi Erik, 

> * Can the source-prefix include IPv4/IPv6 link-local prefixes?
> 

Yes. Only multicast/broadcast/loopback addresses are not allowed. 

>   Can the server and client be on the same link (and therefore
>   link-local addresses might have some discernable meaning)?

Yeah. A DOTS gateway may be embedded in the access router. That said, we need to distinguish between the addresses to reach the DOTS agents vs. the ones signaled in the DOTS messages (which belong to the attack sources).

An example of the use of link-local addresses is what is hinted at in Éric's review: "if the CPE is a layer-2 node".

Cheers,
Med

> -----Original Message-----
> From: Erik Kline via Datatracker [mailto:noreply@ietf.org]
> Sent: Thursday, 17 December 2020 08:57
> To: The IESG <iesg@ietf.org>
> Cc: draft-ietf-dots-signal-call-home@ietf.org; dots-chairs@ietf.org;
> dots@ietf.org; Valery Smyslov <valery@smyslov.net>; valery@smyslov.net
> Subject: Erik Kline's No Objection on draft-ietf-dots-signal-call-home-11:
> (with COMMENT)
> 
> Erik Kline has entered the following ballot position for
> draft-ietf-dots-signal-call-home-11: No Objection
> 
> When responding, please keep the subject line intact and reply to
> all email addresses included in the To and CC lines. (Feel free to
> cut this introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-dots-signal-call-home/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> [[ questions ]]
> 
> [ section 5.3.1 ]
> 
> * Can the source-prefix include IPv4/IPv6 link-local prefixes?
> 
>   Can the server and client be on the same link (and therefore
>   link-local addresses might have some discernable meaning)?
> 
> 
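
The rule stated in the reply (link-local `source-prefix` values are acceptable; multicast, broadcast and loopback are not), sketched as an added example that is not part of the original message or of the draft. `check_source_prefix` is a hypothetical helper; rejecting any prefix that overlaps a disallowed range, and checking only the limited broadcast address, are assumptions.

```python
import ipaddress

# Ranges the reply says are not allowed in source-prefix. Directed broadcast
# addresses depend on the local subnet and cannot be detected here
# (assumption: only the limited broadcast address is checked).
DISALLOWED = {
    "multicast": ["224.0.0.0/4", "ff00::/8"],
    "loopback": ["127.0.0.0/8", "::1/128"],
    "broadcast": ["255.255.255.255/32"],
}
LINK_LOCAL = [ipaddress.ip_network(n) for n in ("169.254.0.0/16", "fe80::/10")]


def check_source_prefix(text):
    """Return (ok, reason) for one source-prefix string (hypothetical helper)."""
    try:
        net = ipaddress.ip_network(text, strict=True)
    except ValueError as exc:
        return False, f"malformed: {exc}"
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it cannot bypass IPv4 checks.
    if net.version == 6 and net.prefixlen >= 96:
        mapped = net.network_address.ipv4_mapped
        if mapped is not None:
            net = ipaddress.ip_network(f"{mapped}/{net.prefixlen - 96}")
    # Assumption: a prefix is refused if any part of it falls in a
    # disallowed range, e.g. 0.0.0.0/0 covers multicast space.
    for reason, ranges in DISALLOWED.items():
        for r in ranges:
            blocked = ipaddress.ip_network(r)
            if blocked.version == net.version and net.overlaps(blocked):
                return False, reason
    # Link-local is allowed per the reply; it is only tagged so a receiver
    # can remember that the prefix is meaningful on the shared link only.
    if any(net.version == ll.version and net.subnet_of(ll) for ll in LINK_LOCAL):
        return True, "link-local"
    return True, "ok"
```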

