Re: [Dots] 答复: DOTS: next steps - call for editor volunteers for use case draft and requirements draft
Xiaohong Deng <xiaohong.deng@unsw.edu.au> Thu, 27 August 2015 04:24 UTC
Return-Path: <xiaohong.deng@unsw.edu.au>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB30D1A1B67 for <dots@ietfa.amsl.com>; Wed, 26 Aug 2015 21:24:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.206
X-Spam-Level:
X-Spam-Status: No, score=-3.206 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UCcDQnq--lnI for <dots@ietfa.amsl.com>; Wed, 26 Aug 2015 21:24:14 -0700 (PDT)
Received: from INFPACM005.services.comms.unsw.edu.au (smtp.unsw.edu.au [149.171.193.32]) by ietfa.amsl.com (Postfix) with ESMTP id 977E61A1B29 for <dots@ietf.org>; Wed, 26 Aug 2015 21:24:13 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A2CHAgCAkN5V/zkaFKxdgk5NVGkGgx20SIYJAQmBbgEJhXsCHIEWOBQBAQEBAQEBgQqEIwEBAQQBAQEaBgQGQQQHEgEFAQINBAMBAiEDBAMCBCULFAYDCgQOBQkLAYgZDZZ0nR2QHoRoAQEBAQEBAQMBAQEBAR2LW4E9AYEDgWYRATYKDQQGgmqBQwWSJIMYjHKBSoQygxIMjVmDayaCDw0PFoE+PjOBDjqBBQEBAQ
X-IPAS-Result: A2CHAgCAkN5V/zkaFKxdgk5NVGkGgx20SIYJAQmBbgEJhXsCHIEWOBQBAQEBAQEBgQqEIwEBAQQBAQEaBgQGQQQHEgEFAQINBAMBAiEDBAMCBCULFAYDCgQOBQkLAYgZDZZ0nR2QHoRoAQEBAQEBAQMBAQEBAR2LW4E9AYEDgWYRATYKDQQGgmqBQwWSJIMYjHKBSoQygxIMjVmDayaCDw0PFoE+PjOBDjqBBQEBAQ
X-IronPort-AV: E=Sophos;i="5.17,420,1437400800"; d="scan'208,217";a="215096418"
Received: from unknown (HELO INFPWXH004.ad.unsw.edu.au) ([172.20.26.57]) by INFPACM005.services.comms.unsw.edu.au with ESMTP; 27 Aug 2015 14:24:01 +1000
Received: from INFPWXM010.ad.unsw.edu.au ([169.254.4.92]) by INFPWXH004.ad.unsw.edu.au ([149.171.58.236]) with mapi id 14.03.0248.002; Thu, 27 Aug 2015 14:23:59 +1000
From: Xiaohong Deng <xiaohong.deng@unsw.edu.au>
To: "Xialiang (Frank)" <frank.xialiang@huawei.com>
Thread-Topic: 答复: [Dots] DOTS: next steps - call for editor volunteers for use case draft and requirements draft
Thread-Index: AQHQ4IAxTlPi51aFGU2vZsVbj54YUw==
Date: Thu, 27 Aug 2015 04:23:59 +0000
Message-ID: <D204CAD1.53E%xiaohong.deng@unsw.edu.au>
Accept-Language: en-GB, en-AU, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [149.171.135.82]
Content-Type: multipart/alternative; boundary="_000_D204CAD153Exiaohongdengunsweduau_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/dots/ogVauYGkC17xmvuxmky3-2StL2M>
Cc: "tobias.gondrom@gondrom.org" <tobias.gondrom@gondrom.org>, "Roman D. Danyliw" <rdd@cert.org>, "dots@ietf.org" <dots@ietf.org>
Subject: Re: [Dots] 答复: DOTS: next steps - call for editor volunteers for use case draft and requirements draft
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 04:24:16 -0000
Hi Frank, More inline please. >From: "Xialiang (Frank)" <frank.xialiang@huawei.com<mailto:frank.xialiang@huawei.com>> >Date: Thursday, 27 August 2015 1:41 pm >To: x Deng <xiaohong.deng@unsw.edu.au<mailto:xiaohong.deng@unsw.edu.au>> >Cc: "tobias.gondrom@gondrom.org<mailto:tobias.gondrom@gondrom.org>" <tobias.gondrom@gondrom.org<mailto:tobias.gondrom@gondrom.org>>, "Roman D. Danyliw" <rdd@cert.org<mailto:rdd@cert.org>>, "dots@ietf.org<mailto:dots@ietf.org>" <dots@ietf.org<mailto:dots@ietf.org>> >Subject: 答复: [Dots] DOTS: next steps - call for editor volunteers for use case draft and requirements draft >Hi Xiaohong, >The DOTS’s signaling works include two parts: the signaling content itself and the protocol used to carry them. For the first part, the DDoS related telemetry should be included. The >associated information model should also be defined in DOTS from my understanding. Thanks for this information. Good to know other interest parties in the game. I had a quick read of your draft. Definitely interesting. Did you present it in last meeting? What’s the feedback you get so far? >Actually, we have a draft (draft-fu-ipfix-network-security-01) proposing some new IPFIX IEs (Information Elements) as DDoS related telemetry. Another draft (draft-teague-open-threat->signaling-01) has also proposed some useful telemetry data for representing DDoS incidents information (events, protected objects, attack/threats enumeration, etc) using IPFIX format as well. Nice to know there are more works related. IPFIX as the format and content of DDoS telemetry: like you said, events, attack/threats enumeration etc are still to be addressed – that’s my perception too. >Any good ideas are welcome to bring to DOTS. Thanks. And surely I think openness is always part of the IETF culture, after all making and keeping an open Internet is the ultimate goal of IETF, isn’t it? :) Kind Regards, Xiaohong >B.R. >Frank 发件人: Dots [mailto:dots-bounces@ietf.org] 代表 Xiaohong Deng 发送时间: 2015年8月27日 10:47 收件人: dots@ietf.org<mailto:dots@ietf.org> 抄送: tobias.gondrom@gondrom.org<mailto:tobias.gondrom@gondrom.org> 主题: Re: [Dots] DOTS: next steps - call for editor volunteers for use case draft and requirements draft Hello Chairs and WG, Maybe not directly in relation to this CFV. A question related to the charter: Since the charter mentioned signalling DDoS related telemetry, is there any WG intention/interest to work on definition and/or problem statement of DDoS related telemetry? Our recent study suggests that even though there are various (SDN) analytic platforms out there in both research community and industry, which are able to infer DDos and other network anomalies, but each use their self-defined telemetry and far from scandalisation. I personally see there is a valid problem and DOTs sounds like an ideal place to address it. Any thoughts from Chairs and WG? If there is already WG discussion related to this, please fill me in. Much appreciated. Cheers, Xiaohong School of EE & Telecommunications, UNSW Le 16/08/2015 07:27, Tobias Gondrom a écrit : Hello dear DOTS colleagues, during our first meeting we had consensus to consolidate the independent use cases and requirements into one use case draft and one requirements draft. Roman and I would like to call for volunteers for editing these two drafts. if you are interested, please send an email to myself and Roman or to the DOTS mailing-list until August 20. Best regards, Tobias (co-chair DOTS) On 16/08/15 08:31, Roman D. Danyliw wrote: Hello WG! The minutes from IETF 93 have been uploaded. Please see https://www.ietf.org/proceedings/93/minutes/minutes-93-dots. Regards, Roman _______________________________________________ Dots mailing list Dots@ietf.org<mailto:Dots@ietf.org>https://www.ietf.org/mailman/listinfo/dots _______________________________________________ Dots mailing list Dots@ietf.org<mailto:Dots@ietf.org>https://www.ietf.org/mailman/listinfo/dots
- Re: [Dots] 答复: DOTS: next steps - call for editor… Xiaohong Deng
- [Dots] 答复: 答复: DOTS: next steps - call for editor… Xialiang (Frank)