Re: [Dots] John Scudder's No Objection on draft-ietf-dots-robust-blocks-05: (with COMMENT)
mohamed.boucadair@orange.com Fri, 30 September 2022 05:14 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42750C152585; Thu, 29 Sep 2022 22:14:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.106
X-Spam-Level:
X-Spam-Status: No, score=-7.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4O3wIEfdCVPy; Thu, 29 Sep 2022 22:14:24 -0700 (PDT)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.66.39]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CFD0C152565; Thu, 29 Sep 2022 22:14:24 -0700 (PDT)
Received: from opfedar02.francetelecom.fr (unknown [xx.xx.xx.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by opfedar26.francetelecom.fr (ESMTP service) with ESMTPS id 4Mdz1B0lrXzFqC6; Fri, 30 Sep 2022 07:14:22 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; s=ORANGE001; t=1664514862; bh=SemyEvwmQXIe6UKhLYgK/lw4EUUAF+o+5fZUMldjf6I=; h=From:To:Subject:Date:Message-ID:Content-Type: Content-Transfer-Encoding:MIME-Version; b=eNhoB/VcegS3dmNoCDD519Ice0BBi90qpbhCuK6mdP64XpMvA1EqTcbN7IcoLpL5K eiJRvdgYStlFuhXwj42c9GFH0dAli4RDG+EJ0EqCDAH05AK3jwsxGrEIHaHUtYHL9u qti39GDdyfFUYoGdDb/dhiOlu23eYi8KBIBg29uPWstDWaLn8mcdUpYlTXDgwv0SKJ +3u6BoQkY0lLD3U8iTWMaHQb3SXsdEfUl50EyS7Vk7y6n9jjKQ/6vj843vpTQy/1/b 16wMFKP6AOhuGEjqMW9XAIW+/6wS6EYD6DxNXXSOgz9/HAh4mEs+u+kCHR4hO3itBc Han5DPbXe6uoQ==
From: mohamed.boucadair@orange.com
To: John Scudder <jgs@juniper.net>, The IESG <iesg@ietf.org>
CC: "draft-ietf-dots-robust-blocks@ietf.org" <draft-ietf-dots-robust-blocks@ietf.org>, "dots-chairs@ietf.org" <dots-chairs@ietf.org>, "dots@ietf.org" <dots@ietf.org>, "valery@smyslov.net" <valery@smyslov.net>
Thread-Topic: John Scudder's No Objection on draft-ietf-dots-robust-blocks-05: (with COMMENT)
Thread-Index: AQHY1Ee8QDZYGHfDNkKUUwIzKfOKy633aqVg
Content-Class:
Date: Fri, 30 Sep 2022 05:14:21 +0000
Message-ID: <30998_1664514861_63367B2D_30998_479_1_50c1345f4db14ab6b2f621813c6581b5@orange.com>
References: <166448575573.6840.2785747652855537014@ietfa.amsl.com>
In-Reply-To: <166448575573.6840.2785747652855537014@ietfa.amsl.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Enabled=true; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SetDate=2022-09-30T05:01:20Z; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Method=Privileged; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Name=unrestricted_parent.2; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SiteId=90c7a20a-f34b-40bf-bc48-b9253b6f5d20; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ActionId=a44f47a3-4000-419f-b798-b6cac4c5df85; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ContentBits=0
x-originating-ip: [10.115.26.52]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/pIc6FncArYLQx-1-FEF0ix_69vo>
Subject: Re: [Dots] John Scudder's No Objection on draft-ietf-dots-robust-blocks-05: (with COMMENT)
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Sep 2022 05:14:29 -0000
Hi John, Thank you for the review. Please see inline. Cheers, Med > -----Message d'origine----- > De : John Scudder via Datatracker <noreply@ietf.org> > Envoyé : jeudi 29 septembre 2022 23:09 > À : The IESG <iesg@ietf.org> > Cc : draft-ietf-dots-robust-blocks@ietf.org; dots-chairs@ietf.org; > dots@ietf.org; valery@smyslov.net; valery@smyslov.net > Objet : John Scudder's No Objection on draft-ietf-dots-robust- > blocks-05: (with COMMENT) > > John Scudder has entered the following ballot position for > draft-ietf-dots-robust-blocks-05: No Objection > > When responding, please keep the subject line intact and reply to > all email addresses included in the To and CC lines. (Feel free to > cut this introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot- > positions/ > for more information about how to handle DISCUSS and COMMENT > positions. > > > The document, along with other ballot positions, can be found > here: > https://datatracker.ietf.org/doc/draft-ietf-dots-robust-blocks/ > > > > ------------------------------------------------------------------ > ---- > COMMENT: > ------------------------------------------------------------------ > ---- > > Thanks for this spec. Also, thanks to Valery Smyslov for the > carefully- > written shepherd writeup. > > I have just one comment, and one question, about this in Section > 3: > > max-payloads: This attribute echoes the MAX_PAYLOADS parameter > in > [RFC9177]. > > This is an optional attribute. If the attribute is supplied > in > both 'idle-config' and 'mitigating-config', then it MUST > convey > the same value. If the attribute is only provided as part > of > 'idle-config' or 'mitigating-config', then the other > (missing) > definition MUST be updated to the same value. > > I think what you're saying here is that if max-payloads is set for > either idle-config or mitigating-config, then that parameter shall > be > deemed set for both configs, and to the same quantity. I found the > way of saying it above to be quite confusing, especially the > "(missing)" > thing, since if it's optional it can hardly be said to be > "missing" just > because it isn't present. > [Med] We didn't find something short + convey this subtlety. Made this change: If the attribute is only provided as part of ‘idle-config’ (or ‘mitigating-config’), then the other definition (i.e., ‘mitigating-config’ (or ‘idle-config’)) MUST be updated to the same value. > I also wonder if you need to supply some answer to the question of > what should happen if the MUST is violated. E.g. one option might > be > to say that if two different values are supplied, the larger of > the > two shall be used for both. [Med] We avoided to have redundant requirements vs Section 4.5 of RFC9132 we pointed to for the request handling. This request will be invalid and the following error will be returned as per the base spec: * If the request is missing a mandatory attribute, does not include a 'sid' Uri-Path, or contains one or more invalid or unknown parameters, 4.00 (Bad Request) MUST be returned in the response. _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [Dots] John Scudder's No Objection on draft-ietf-… John Scudder via Datatracker
- Re: [Dots] John Scudder's No Objection on draft-i… mohamed.boucadair