Re: [Dots] I-D Action: draft-ietf-dots-signal-channel-23.txt

kaname nishizuka <kaname@nttv6.jp> Tue, 28 August 2018 08:28 UTC

To: "dots@ietf.org" <dots@ietf.org>
From: kaname nishizuka <kaname@nttv6.jp>
Date: Tue, 28 Aug 2018 17:28:13 +0900
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/g-hxiHIeQPBQVAPmiwEUzqM3OKA>

Hi,

I did a review on -23 of the signal channel draft:

1. [correction] GET request can be without 'sid' Uri-Path parameter.
<
    If a non-zero value of Max-Age Option is received by a DOTS client,
    it MUST issue a GET request with 'sid' Uri-Path parameter to retrieve
    the current and acceptable configuration before the expiry of the
    value enclosed in the Max-Age option.
>
    If a non-zero value of Max-Age Option is received by a DOTS client,
    it MUST issue a GET request to retrieve
    the current and acceptable configuration before the expiry of the
    value enclosed in the Max-Age option.



2. [proposal] Adding trigger-mitigation to several example figures about mitigation request

Figure 7.
{
  "ietf-dots-signal-channel:mitigation-scope": {
    "scope": [
      {
        "target-prefix": [
          "2001:db8:6401::1/128",
          "2001:db8:6401::2/128"
        ],
        "target-port-range": [
          {
            "lower-port": 80
          },
          {
            "lower-port": 443
          },
          {
            "lower-port": 8080
          }
        ],
        "target-protocol": [
          6
        ],
        "lifetime": 3600,
        "trigger-mitigation": true
      }
    ]
  }
}

Figure 8.
A1                                      # map(1)
    01                                   # unsigned(1)
    A1                                   # map(1)
       02                                # unsigned(2)
       81                                # array(1)
          A5                             # map(5)
             06                          # unsigned(6)
             82                          # array(2)
                74                       # text(20)
                   323030313A6462383A363430313A3A312F313238 # "2001:db8:6401::1/128"
                74                       # text(20)
                   323030313A6462383A363430313A3A322F313238 # "2001:db8:6401::2/128"
             07                          # unsigned(7)
             83                          # array(3)
                A1                       # map(1)
                   08                    # unsigned(8)
                   18 50                 # unsigned(80)
                A1                       # map(1)
                   08                    # unsigned(8)
                   19 01BB               # unsigned(443)
                A1                       # map(1)
                   08                    # unsigned(8)
                   19 1F90               # unsigned(8080)
             0A                          # unsigned(10)
             81                          # array(1)
                06                       # unsigned(6)
             0E                          # unsigned(14)
             19 0E10                     # unsigned(3600)
             18 2D                       # unsigned(45)
             F5                          # primitive(21)


thanks,
Kaname
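
Added example (not part of the original message or of the draft): a minimal CBOR encoder that re-derives the proposed Figure 8 bytes from the proposed Figure 7 JSON, so the two figures can be checked against each other. The integer keys in DOTS_KEYS are read off by lining up the two figures above; the function names are this example's own.

```python
# Added example: checks that Figure 8 is the CBOR form of Figure 7.
# Key numbers below are inferred by matching Figure 7 against Figure 8.
DOTS_KEYS = {
    "ietf-dots-signal-channel:mitigation-scope": 1, "scope": 2,
    "target-prefix": 6, "target-port-range": 7, "lower-port": 8,
    "target-protocol": 10, "lifetime": 14, "trigger-mitigation": 45,
}

def head(major, n):
    """CBOR initial byte for a major type, with the shortest-form argument."""
    if n < 24:
        return bytes([major << 5 | n])
    for info, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([major << 5 | info]) + n.to_bytes(size, "big")
    raise ValueError("integer too large for CBOR")

def encode(value):
    """Encode the subset of types a mitigation request uses."""
    if isinstance(value, bool):        # test before int: bool subclasses int
        return b"\xf5" if value else b"\xf4"
    if isinstance(value, int) and value >= 0:
        return head(0, value)
    if isinstance(value, str):
        raw = value.encode("utf-8")
        return head(3, len(raw)) + raw
    if isinstance(value, list):
        return head(4, len(value)) + b"".join(encode(v) for v in value)
    if isinstance(value, dict):
        out = head(5, len(value))
        for name, v in value.items():  # keep the order of the JSON document
            if name not in DOTS_KEYS:  # refuse names that have no integer key
                raise KeyError(f"no CBOR key mapping for {name!r}")
            out += head(0, DOTS_KEYS[name]) + encode(v)
        return out
    raise TypeError(f"unsupported type {type(value).__name__}")

# Figure 7 as proposed above, including the added trigger-mitigation attribute.
FIGURE_7 = {"ietf-dots-signal-channel:mitigation-scope": {"scope": [{
    "target-prefix": ["2001:db8:6401::1/128", "2001:db8:6401::2/128"],
    "target-port-range": [{"lower-port": 80}, {"lower-port": 443},
                          {"lower-port": 8080}],
    "target-protocol": [6],
    "lifetime": 3600,
    "trigger-mitigation": True,
}]}}

print(encode(FIGURE_7).hex())
```

Adding trigger-mitigation changes the inner map header from map(4) to map(5) and appends the pair 18 2D F5, which is the only difference a reviewer should see in Figure 8.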
  

On 2018/08/17 21:28, mohamed.boucadair@orange.com wrote:
> Hi all,
>
> This version follows the recommendations from the core WG:
> * Move Hop-Limit text to a separate I-D: I-D.boucadair-core-hop-limit.
> * Abandon the use of 3.00, but use 5.03 instead.
>
> The good news is that these changes are straightforward and do not hold publication because I-D.boucadair-core-hop-limit is not a normative reference.
>
> We also updated the text to reflect the recent publication of RFC8446 (TLS 1.3). Changes are tweaked to be aligned with the discussion with Benjamin (thanks).
>
> Chairs, the token is yours now :)
>
> Cheers,
> Med
>
>> -----Original Message-----
>> From: I-D-Announce [mailto:i-d-announce-bounces@ietf.org] On Behalf Of
>> internet-drafts@ietf.org
>> Sent: Friday, 17 August 2018 14:19
>> To: i-d-announce@ietf.org
>> Cc: dots@ietf.org
>> Subject: I-D Action: draft-ietf-dots-signal-channel-23.txt
>>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> This draft is a work item of the DDoS Open Threat Signaling WG of the IETF.
>>
>>          Title           : Distributed Denial-of-Service Open Threat Signaling
>> (DOTS) Signal Channel Specification
>>          Authors         : Tirumaleswar Reddy
>>                            Mohamed Boucadair
>>                            Prashanth Patil
>>                            Andrew Mortensen
>>                            Nik Teague
>> 	Filename        : draft-ietf-dots-signal-channel-23.txt
>> 	Pages           : 87
>> 	Date            : 2018-08-17
>>
>> Abstract:
>>     This document specifies the DOTS signal channel, a protocol for
>>     signaling the need for protection against Distributed Denial-of-
>>     Service (DDoS) attacks to a server capable of enabling network
>>     traffic mitigation on behalf of the requesting client.
>>
>>     A companion document defines the DOTS data channel, a separate
>>     reliable communication layer for DOTS management and configuration
>>     purposes.
>>
>> Editorial Note (To be removed by RFC Editor)
>>
>>     Please update these statements within the document with the RFC
>>     number to be assigned to this document:
>>
>>     o  "This version of this YANG module is part of RFC XXXX;"
>>
>>     o  "RFC XXXX: Distributed Denial-of-Service Open Threat Signaling
>>        (DOTS) Signal Channel Specification";
>>
>>     o  "| [RFCXXXX] |"
>>
>>     o  reference: RFC XXXX
>>
>>     Please update TBD statements with the port number to be assigned to
>>     DOTS Signal Channel Protocol.
>>
>>     Also, please update the "revision" date of the YANG module.
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-dots-signal-channel/
>>
>> There are also htmlized versions available at:
>> https://tools.ietf.org/html/draft-ietf-dots-signal-channel-23
>> https://datatracker.ietf.org/doc/html/draft-ietf-dots-signal-channel-23
>>
>> A diff from the previous version is available at:
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-dots-signal-channel-23
>>
>>
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>>