Re: [Dots] Target-Attack-type expansion: more discussion

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Mon, 01 April 2019 13:41 UTC

Return-Path: <TirumaleswarReddy_Konda@mcafee.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34FCB12011D for <dots@ietfa.amsl.com>; Mon, 1 Apr 2019 06:41:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QQtWijQE8ala for <dots@ietfa.amsl.com>; Mon, 1 Apr 2019 06:41:55 -0700 (PDT)
Received: from DNVWSMAILOUT1.mcafee.com (dnvwsmailout1.mcafee.com [161.69.31.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B6183120110 for <dots@ietf.org>; Mon, 1 Apr 2019 06:41:54 -0700 (PDT)
X-NAI-Header: Modified by McAfee Email Gateway (5500)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=s_mcafee; t=1554125844; h=From: To:Subject:Thread-Topic:Thread-Index:Date: Message-ID:References:In-Reply-To:Accept-Language: Content-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: dlp-product:dlp-version:dlp-reaction:authentication-results: x-originating-ip:x-ms-publictraffictype:x-ms-office365-filtering-correlation-id: x-microsoft-antispam:x-ms-traffictypediagnostic: x-ms-exchange-purlcount:x-microsoft-antispam-prvs: x-forefront-prvs:x-forefront-antispam-report: received-spf:x-ms-exchange-senderadcheck:x-microsoft-antispam-message-info: Content-Type:MIME-Version:X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-CrossTenant-mailboxtype: X-MS-Exchange-Transport-CrossTenantHeadersStamped: X-OriginatorOrg:X-NAI-Spam-Flag:X-NAI-Spam-Threshold: X-NAI-Spam-Score:X-NAI-Spam-Version; bh=o kRef8cgZQ/Bh34jGHB0zHo3EvuLlvD3UNIibf+nOM A=; b=miiN6e05GDxCfmDDsHMSRhDzN+WUjbrJmOaZkz+aax7g ef7Nwy0nlcM3HFKpIqtHq5UsyTVJAPG6P5pU5abF5kFp4Sxv0F 1z2lg8z/9HDxqitPG/X8SgXZL3cW6ttfQSRf+opYqS5U82nlR/ IyZZqZlftm7gyCMR0HtP8M3lcnA=
Received: from DNVEXAPP1N06.corpzone.internalzone.com (DNVEXAPP1N06.corpzone.internalzone.com [10.44.48.90]) by DNVWSMAILOUT1.mcafee.com with smtp (TLS: TLSv1/SSLv3,256bits,ECDHE-RSA-AES256-SHA384) id 5cc1_c636_4b547a5a_cf2a_4698_925e_6015e1f0d34c; Mon, 01 Apr 2019 07:37:24 -0600
Received: from DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) by DNVEXAPP1N06.corpzone.internalzone.com (10.44.48.90) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Mon, 1 Apr 2019 07:41:48 -0600
Received: from DNVO365EDGE2.corpzone.internalzone.com (10.44.176.74) by DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Mon, 1 Apr 2019 07:41:48 -0600
Received: from NAM05-BY2-obe.outbound.protection.outlook.com (10.44.176.240) by edge.mcafee.com (10.44.176.74) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Mon, 1 Apr 2019 07:41:47 -0600
Received: from BYAPR16MB2790.namprd16.prod.outlook.com (20.178.233.91) by BYAPR16MB2760.namprd16.prod.outlook.com (20.178.233.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1750.15; Mon, 1 Apr 2019 13:41:47 +0000
Received: from BYAPR16MB2790.namprd16.prod.outlook.com ([fe80::959f:8bd7:8c34:238d]) by BYAPR16MB2790.namprd16.prod.outlook.com ([fe80::959f:8bd7:8c34:238d%6]) with mapi id 15.20.1750.021; Mon, 1 Apr 2019 13:41:47 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: =?utf-8?B?6ZmI576O546y?= <chenmeiling@chinamobile.com>, dots <dots@ietf.org>
Thread-Topic: [Dots] Target-Attack-type expansion: more discussion
Thread-Index: AQHU5iDQ6TWHn/afGUmC8veMiViwa6YnVNVQ
Date: Mon, 1 Apr 2019 13:41:46 +0000
Message-ID: <BYAPR16MB27902E515053F05A508CAB58EA550@BYAPR16MB2790.namprd16.prod.outlook.com>
References: <2afa5c9df0626fd-00007.Richmail.00004070460264152429@chinamobile.com>
In-Reply-To: <2afa5c9df0626fd-00007.Richmail.00004070460264152429@chinamobile.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.2.0.6
dlp-reaction: no-action
authentication-results: spf=none (sender IP is ) smtp.mailfrom=TirumaleswarReddy_Konda@McAfee.com;
x-originating-ip: [49.37.205.163]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 6885ed88-0282-4aa1-435c-08d6b6a7c936
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600139)(711020)(4605104)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:BYAPR16MB2760;
x-ms-traffictypediagnostic: BYAPR16MB2760:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <BYAPR16MB2760774DF829992C268184A2EA550@BYAPR16MB2760.namprd16.prod.outlook.com>
x-forefront-prvs: 0994F5E0C5
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(346002)(396003)(366004)(136003)(39860400002)(32952001)(53754006)(199004)(189003)(25584004)(52536014)(55016002)(106356001)(99286004)(105586002)(26005)(8936002)(606006)(486006)(74316002)(476003)(53546011)(7696005)(76176011)(86362001)(53936002)(11346002)(72206003)(71190400001)(71200400001)(102836004)(66066001)(966005)(25786009)(6506007)(80792005)(478600001)(229853002)(2906002)(81166006)(5660300002)(6436002)(790700001)(6246003)(33656002)(5024004)(7736002)(6306002)(9686003)(14454004)(68736007)(186003)(446003)(6116002)(8676002)(316002)(97736004)(54896002)(236005)(3846002)(256004)(110136005)(81156014)(85282002); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR16MB2760; H:BYAPR16MB2790.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: McAfee.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: EkQmUBhZ/Uk+yDpDHh3UxEUBqCxfp+RPEU7BTsDCys1ilkrQ9IRVijYwWIaaEfvja4YCWT41bVMiKqn5vEt4TZGxK0TYr6/wAJM6dnVjFUI3J4kq6UChxBChmBL/DaZeKmyT5SxFiP9qyG+LqDGGr2aVrZCXEP7qrhDdR4/YbrrzMrxzdi+HhWEkVgs72rWQkk8MI8Xj0wcWUxGrTLkOLnYO+Ra0gjutKkdZkrIUrxZIhg+iXHsdrGwLHXUK0bRwu/BeYPp8C0tW/a2CGkDO5j1DISP647LCqb0ku4dBxT6562euG5PL3QGDYdV1z8hJupRlgqFYORCUH774SpM7hGhszpaA3BH1HcWCQgDfTWVhuAZl0j+1udfpgLcLoop+xVDXiXrUm7jDV15cQUk1AdTiBeR5NpAuTgS6RwnXi8s=
Content-Type: multipart/alternative; boundary="_000_BYAPR16MB27902E515053F05A508CAB58EA550BYAPR16MB2790namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 6885ed88-0282-4aa1-435c-08d6b6a7c936
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Apr 2019 13:41:46.9432 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR16MB2760
X-OriginatorOrg: mcafee.com
X-NAI-Spam-Flag: NO
X-NAI-Spam-Threshold: 15
X-NAI-Spam-Score: 0
X-NAI-Spam-Version: 2.3.0.9418 : core <6515> : inlines <7045> : streams <1817401> : uri <2823817>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/luvh6Os0IdfrFY9exRmJOnD0h8o>
Subject: Re: [Dots] Target-Attack-type expansion: more discussion
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Apr 2019 13:41:57 -0000

https://tools.ietf.org/html/draft-doron-dots-telemetry-00#section-3.1.3 discusses attack details and we need to figure out the right format to convey the attack details.

-Tiru

From: Dots <dots-bounces@ietf.org> On Behalf Of ???
Sent: Friday, March 29, 2019 4:45 PM
To: dots <dots@ietf.org>
Subject: [Dots] Target-Attack-type expansion: more discussion


CAUTION: External email. Do not click links or open attachments unless you recognize the sender and know the content is safe.


________________________________

Hi everyone,

Due to time constraints during my presentation, we hadn't make much more discuss yesterday,

I'd like to continue discussion of these topics in the mail if you have any questions or comments about this draft.

Thanks.





MeiLing Chen

--------------------------------------------------------------------------------------

Research institute of China mobile communications co. LTD

Institute of safety technology

Email address: chenmeiling@chinamobile.com<mailto:chenmeiling@chinamobile.com>

Phone: 13810149515

Address: no. 32, xuanwumen west street, xicheng district, Beijing (mobile innovation building)