Re: [Dots] Nits on draft-ietf-dots-signal-channel-23

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Wed, 05 September 2018 10:21 UTC

From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: Roman Danyliw <rdd@cert.org>, "dots@ietf.org" <dots@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/mMpfKlmGEmAkcGWqn9HQOO0RZSc>
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>

> -----Original Message-----
> From: Roman Danyliw <rdd@cert.org>
> Sent: Tuesday, September 4, 2018 9:09 PM
> To: Konda, Tirumaleswar Reddy <TirumaleswarReddy_Konda@McAfee.com>;
> dots@ietf.org
> Subject: RE: Nits on draft-ietf-dots-signal-channel-23
> 
> Hello Tiru!
> 
> > -----Original Message-----
> > From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of Konda,
> > Tirumaleswar Reddy
> > Sent: Thursday, August 23, 2018 2:27 AM
> > To: Roman Danyliw <rdd@cert.org>; dots@ietf.org
> > Subject: Re: [Dots] Nits on draft-ietf-dots-signal-channel-23
> >
> > > -----Original Message-----
> > > From: Roman Danyliw <rdd@cert.org>
> > > Sent: Wednesday, August 22, 2018 9:02 PM
> > > To: Konda, Tirumaleswar Reddy <TirumaleswarReddy_Konda@McAfee.com>;
> > > dots@ietf.org
> > > Subject: RE: Nits on draft-ietf-dots-signal-channel-23
> > >
> > > Hi Tiru!
> > >
> > > > -----Original Message-----
> > > > From: Konda, Tirumaleswar Reddy
> > > > [mailto:TirumaleswarReddy_Konda@mcafee.com]
> > > > Sent: Wednesday, August 22, 2018 1:30 AM
> > > > To: Roman Danyliw <rdd@cert.org>; dots@ietf.org
> > > > Subject: RE: Nits on draft-ietf-dots-signal-channel-23
> > > >
> > > > > -----Original Message-----
> > > > > From: Dots <dots-bounces@ietf.org> On Behalf Of Roman Danyliw
> > > > > Sent: Wednesday, August 22, 2018 3:34 AM
> > > > > To: dots@ietf.org
> > > > > Subject: [Dots] Nits on draft-ietf-dots-signal-channel-23
> > > > >
> > > > > (5) Registration guidance for DOTS Signal Channel CBOR Mapping
> > > > > Registry is precise.  However, I'm left seeking guidance on how
> > > > > to process messages with fields not specified in this draft
> > > > > (i.e., fields registered after this draft is published).  The
> > > > > closest I can find is language in Section 6 that states "[t]he
> > > > > recipient of the payload MAY reject the information if it is not
> > > > > suitably mapped."
> > > > > I would also have benefited from a preamble describing the purpose of
> > > > > the registry -- is it a way to extend the protocol with new
> > > > > optional fields?
> > > >
> > > > Yes, we will have to request IANA to create "DOTS Signal Channel Claims"
> > > > registry (just like it's done in
> > > > https://tools.ietf.org/html/rfc8392
> > > > and new drafts like
> > > > https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-13#section-8.12
> > > > are using the registry defined in RFC8392 to add new claims).
> > > > "Parameter Name" in the table 6 needs to be changed to "Claim Name".
> > > >
> > > > In addition, to accommodate future drafts to add new fields, the
> > > > fields should be classified into "comprehension-optional" and
> > > > "comprehension-required" for DOTS agents to ignore or reject
> > > > unknown fields. The key value range can be further split to
> > > > accommodate vendor-specific, comprehension-optional and
> > > > comprehension-required attributes. The fields defined in this spec
> > > > will be of type comprehension-required.
> > >
> > > We're in complete agreement on the purpose of the registry.  It's
> > > the explanation of the registry I'm proposing is missing.
> > >
> > > IMO, the draft would benefit from explicitly stating (1) the
> > > processing implications of this registry (just as you stated above
> > > so that the DOTS agents know what to reject); and (2) noting that
> > > the registry is a general means for extensibility. We have had
> > > several ideas or individual drafts come to the WG requesting the
> > > addition of new, optional fields to the protocol (e.g.,
> > > draft-yang-dos-type-for-dots-00 at IETF 102;
> > > draft-doron-dots-telemetry-00 at IETF 97).
> > > The WG deferred them but we never explicitly resolved the issue of
> > > extensibility. The registry addresses the issue of extensibility.
> > > I'm proposing a few words that state that.
> >
> > Sure, will update draft.
> 
> Thanks for the new text in -24.  IMO this new partitioned registry provides the
> needed extensibility.
> 
> The language in -24 addresses my feedback.

Thanks, Roman. The only pending comment to resolve is the use of specific media type.

Cheers,
-Tiru

> 
> Roman
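
The ignore-or-reject handling of unknown fields discussed in this thread, sketched as an added example that is not part of the original messages or of the draft. The key-range boundaries, the known-key set and the sample maps are assumptions constructed for illustration; the thread does not give the actual ranges.

```python
# Added illustration: handle unknown integer keys in an already-decoded
# CBOR map according to a partitioned key registry.
REQUIRED = "comprehension-required"
OPTIONAL = "comprehension-optional"

# ASSUMPTION: placeholder boundaries, not taken from the thread or the draft.
ASSUMED_RANGES = [
    (1, 16383, REQUIRED),
    (16384, 65535, OPTIONAL),  # would also cover vendor-specific keys
]
# ASSUMPTION: hypothetical keys this agent implements.
KNOWN_KEYS = {1, 2, 3}


def classify(key):
    """Return the comprehension class of a key, or None if it is out of range."""
    if not isinstance(key, int):
        return None
    for low, high, kind in ASSUMED_RANGES:
        if low <= key <= high:
            return kind
    return None


def process(decoded, known_keys=KNOWN_KEYS):
    """Strip unknown optional keys; reject the message on any other unknown key.

    Returns (accepted, cleaned_payload, ignored_keys, rejected_keys).
    Keys that fall in no range fail closed, like unknown required keys.
    """
    ignored, rejected = [], []

    def walk(node):
        if isinstance(node, dict):
            cleaned = {}
            for key, value in node.items():
                if key in known_keys:
                    cleaned[key] = walk(value)
                elif classify(key) == OPTIONAL:
                    ignored.append(key)   # safe to drop silently
                else:
                    rejected.append(key)  # unknown required or unclassifiable
            return cleaned
        if isinstance(node, list):
            return [walk(item) for item in node]
        return node

    cleaned = walk(decoded)
    accepted = not rejected
    return accepted, (cleaned if accepted else None), ignored, rejected
```

Walking nested maps matters here: an unknown comprehension-required key buried inside a list entry must cause rejection just as one at the top level would.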