Re: [Dots] [Gen-art] Genart last call review of draft-ietf-dots-use-cases-23

elwynd <elwynd@folly.org.uk> Fri, 03 July 2020 17:33 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/p0yKoTGt2vhVYxkzHv4QcYmqWas>

Hi, Daniel.

Thanks for your response. The changes look good to me. A couple of minor language improvements if I may suggest:

s1, para 1: s/mitigations - which highly depends on a timely reaction/mitigations that are generally highly dependent on a timely reaction by the system./

s2, DDoS Mitigation Service: s/usually involve Service Level Agreement (SLA) that have to be met/usually involves a Service Level Agreement (SLA) that has to be met/

Paragraph just after Figure 4: s/various aspect/various aspects/

End of 4th paragraph after Figure 4: s/appropriated/appropriate/

Otherwise this is all done.

Hope you are keeping safe and well.

Cheers,
Elwyn

Sent from Samsung tablet.
-------- Original message --------
From: Daniel Migault <mglt.ietf@gmail.com>
Date: 02/07/2020 22:28 (GMT+00:00)
To: Elwyn Davies <elwynd@dial.pipex.com>
Cc: last-call@ietf.org, "gen-art >> General area reviewing team" <gen-art@ietf.org>, draft-ietf-dots-use-cases.all@ietf.org, dots <dots@ietf.org>
Subject: Re: [Gen-art] [Dots] Genart last call review of draft-ietf-dots-use-cases-23

Hi,

Thank you for the review. These were helpful to us. I believe that all comments have been addressed in the version we just published. Please find more response regarding the comment inlined.

Yours,
Daniel

On Wed, Jun 10, 2020 at 12:02 PM Elwyn Davies via Datatracker <noreply@ietf.org> wrote:

Reviewer: Elwyn Davies
Review result: Ready with Nits

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-dots-use-cases-23
Reviewer: Elwyn Davies
Review Date: 2020-06-10
IETF LC End Date: 2020-06-11
IESG Telechat date: Not scheduled for a telechat

Summary:
Ready with some minor nits.

Major issues:
None

Minor issues:
None

Nits/editorial comments:
s1, para 1: Just a thought:  might be worth adding to the end of this para:
"and increase the time for deployment in a situation where speed is often of
the essence".
<mglt> I understand that the additional time is part of the reasons that degrade the efficacy but this is not the only reason. I propose to indicate that efficacy highly depends on a timely reaction as below:
OLD
This greatly increases operational complexity which, in turn,
can degrade the efficacy of mitigations.
NEW
This greatly increases operational complexity which, in turn,
can degrade the efficacy of mitigations - which highly depends on a timely reaction..
</mglt>

s1, last para: Suggest adding in reference to DOTS requirements doc which is
referred to in s2: OLD:
   This document provides sample use cases that provided input for the
   design of the DOTS protocols [RFC8782][RFC8783].
NEW
   This document provides sample use cases that motivated the requirements
   for the DOTS protocols [RFC8612] and provided input for the design of
   those protocols [RFC8782][RFC8783].
ENDS
<mglt>I would consider the requirement as part of the process for the design of the protocol, but it is correct that requirements could be included. I propose the following change:
OLD:
This document provides sample use cases that provided input for the design of
the DOTS protocols {{RFC8782}}{{RFC8783}}.
NEW:
This document provides sample use cases that provided input for the requirements {{?RFC8612}} and design of
the DOTS protocols {{!RFC8782}}{{!RFC8783}}.
</mglt>

s2: For more logical ordering, move the definition of DDoS Mitigation Service
Provider after definition of DDoS Mitigation Service.
 <mglt> fixed. </mglt>
s2, DDoS Mitigation Service:
OLD:
      Service subscriptions usually
      involve Service Level Agreement (SLA) that have to be met.
NEW:
      Each service subscription usually
      involves a Service Level Agreement (SLA) that has to be met.
ENDS
<mglt> fixed.</mglt> 
s3.1, para 1: The abbreviation ITP has already been defined so you shouldn't
have a redefinition here.
<mglt> fixed. </mglt> 
s3.1, para 7: s/thought different/though different/
<mglt>fixed</mglt>

s3.1, 2nd set of bullets, that are below Fig 1: This would be more elegant using
(a), (b), etc as the bullet labels.
<mglt>I could not find how to do list as a) b) using kramdown but I used an ordered list 1. 2. instead so a native list format is rendered. </mglt>
s3.1: Comment (not being familiar with the DOTS proposals): The text indicates
that the ITP mitigation effort is an all or nothing business.  Is this always
the case or could the client request or the server provide a proportional
response rather than an all or nothing response?
<mglt>My understanding is that when the decision to mitigate is requested the ITP mitigates the traffic. As far as I know it is not currently envisioned to use DOTS for a kind of collaboration between the ITP and the local side, that is the local site performs 20 % of the attack while the ITP takes in charge the remaining 80 %. One reason is that it remains hard to express the capabilities involved to mitigate the attack. Note also that the capacity of the ITP may be capped by contract.  Overall the DOTS is more about delegating the mitigation as opposed to collaborative mitigation.</mglt> 
s3.2, last sentence of 2nd para after Fig 2: s/These exact/The exact/
 <mglt>fixed</mglt>
s3.3, para 2: s/various information/various sets of information/
 <mglt>fixed</mglt>
s3.3, para after Figure 4: s/monitor various network traffic/monitor various
aspects of the network traffic/.
<mglt> fixed</mglt>
s3.3, 2nd para after Figure 4: s/it's/it is/
 <mglt>fixed</mglt>
s3.3, last five paras: Calling out a web interface specifically is overly
specific.  Suggest adding 'for example' in at least one case or changing it to
'user interface'.
 <mglt> I added the for example which seems closer to the most probable implementation.</mglt>
s3.3, first para on page 11:
OLD:
to infer the DDoS Mitigation to elaborate and coordinate.
NEW:
to infer, elaborate and coordinate the appropriate DDoS Mitigation.
ENDS
<mglt>fixed</mglt> 
s3.3, 3rd and subsequent paras on page 11: The orchestrator appears to change
from one DOTS server to a plurality at this point.  Please make it clear
whether there is one or many.  If only one, then s/The orchestrator DOTS
servers returns this information back/The orchestrator DOTS server returns this
information/ and s/servers/server/ subsequently.
 <mglt>good catch. There is only one server. we address this.</mglt>
s3.3, last para s/like  requesting/such as requesting/
<mglt>fixed.</mglt> 
s7:  This is an informational document and, as such, cannot have normative 
references.  Please combine all references into one references section.

<mglt> I usually like standard document to be normative, but this is correct that for use cases, none of these documents are necessary to be read to understand the document, so I will put all references as informational</mglt>

--
Daniel Migault
Ericsson