Re: [Dots] Role reversal in RFC7252

Carsten Bormann <> Tue, 12 November 2019 06:58 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B2106120132 for <>; Mon, 11 Nov 2019 22:58:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id UOgyUtGbeakn for <>; Mon, 11 Nov 2019 22:58:45 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 047691200A4 for <>; Mon, 11 Nov 2019 22:58:45 -0800 (PST)
Received: from [] ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 47Bz9b11JjzyrG; Tue, 12 Nov 2019 07:58:43 +0100 (CET)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Carsten Bormann <>
In-Reply-To: <787AE7BB302AE849A7480A190F8B9330313622C7@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Date: Tue, 12 Nov 2019 07:58:42 +0100
Cc: "" <>
X-Mao-Original-Outgoing-Id: 595234720.930106-2c87a742a733ef02be595ce7992e5c4f
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <787AE7BB302AE849A7480A190F8B93303135F7FE@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <> <787AE7BB302AE849A7480A190F8B9330313622C7@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <>
Subject: Re: [Dots] Role reversal in RFC7252
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 12 Nov 2019 06:58:48 -0000

On Nov 12, 2019, at 07:40, <> <> wrote:
> Hi Carsten, 
> Fully agree if we model an endpoint as both a client and server.
> The concern I had is when we want to model an endpoint solely as an “client" (or as a server).

The question is why you would want to do this.

The main point about a server is that its transport address (IP address + port number) needs to be known to talk to it.  (The client implicitly indicates its transport address in a request, and it only needs to be stable up to a response — which may include an observe notification later.)

So if your clients are hopping around on different addresses, role reversal requires the server-now-client to know the current one.  In a keep alive situation, I’d expect that to be the case, so there is very little against role reversal.

(I’m assuming DOTS environments are NAT free.)

Grüße, Carsten