[Dots] One or two key values (RE: DOTS telemetry questions)
<mohamed.boucadair@orange.com> Mon, 24 February 2020 07:41 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5477E3A07A2 for <dots@ietfa.amsl.com>; Sun, 23 Feb 2020 23:41:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c6FBNO47Y0nL for <dots@ietfa.amsl.com>; Sun, 23 Feb 2020 23:41:27 -0800 (PST)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.66.41]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 96B993A07A0 for <dots@ietf.org>; Sun, 23 Feb 2020 23:41:27 -0800 (PST)
Received: from opfedar06.francetelecom.fr (unknown [xx.xx.xx.8]) by opfedar23.francetelecom.fr (ESMTP service) with ESMTP id 48QvBs583fzBrYY; Mon, 24 Feb 2020 08:41:25 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; s=ORANGE001; t=1582530085; bh=4dTT7PCWnzCwPEEXlzJlSZ7+H/kGWmX8VcQjXS4Mw+0=; h=From:To:Subject:Date:Message-ID:Content-Type:MIME-Version; b=lOJGbl9KjbnnAQ7hJ3P2vEflRzqgo6xeMkTLytB6OToM17SNcfYaFHl1BxeU95CEe S/mx3IZNeEaJ/u04wESWk2hZuwulpivvhg1VcJiVYuF5R0MRf6WXw9Ft+X/9E5y9ld E8CQ8D6vdu5KHm/EVELImMht+BTxHcjepAFwKisLBwZCeWx01AeTRcaZVVc04eW3Ws 9grNqaWHtmCEECpC0/EB85XuYUQQsLm/QVb1ZgqrbCc7PzaT7JLQ5+PkB514oj9p/l jguc4eekm521wAxsLXBhocQK3tsg9cqwdd0FsRsMovvNT8hAKqBBxWeKQj+n7K7l94 L7lSeWPuMGO/Q==
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.64]) by opfedar06.francetelecom.fr (ESMTP service) with ESMTP id 48QvBs3zzCz3wb8; Mon, 24 Feb 2020 08:41:25 +0100 (CET)
Received: from OPEXCAUBMA2.corporate.adroot.infra.ftgroup ([fe80::e878:bd0:c89e:5b42]) by OPEXCAUBMA3.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.03.0468.000; Mon, 24 Feb 2020 08:41:25 +0100
From: mohamed.boucadair@orange.com
To: Jon Shallow <supjps-ietf@jpshallow.com>, "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@mcafee.com>, kaname nishizuka <kaname@nttv6.jp>, "dots@ietf.org" <dots@ietf.org>
Thread-Topic: One or two key values (RE: [Dots] DOTS telemetry questions)
Thread-Index: AdXq5c3HBzE8FwXRQOGd4+aeKXb8Qg==
Date: Mon, 24 Feb 2020 07:41:23 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93303143E7C0@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.247]
Content-Type: multipart/alternative; boundary="_000_787AE7BB302AE849A7480A190F8B93303143E7C0OPEXCAUBMA2corp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/qHM2vEYhfCbq_xGD6R1nwu4rt_g>
Subject: [Dots] One or two key values (RE: DOTS telemetry questions)
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Feb 2020 07:41:29 -0000
Hi Jon, (separating the issues to ease tracking them) [Med] An issue with namespaces will be the encountered if the conversion is the same for the attribute when it is carried in a "pure" telemetry message or in an existing signal channel message. Jon1> Correct - I don't like the concept of having 2 mapping tables for mapping the CBOR value back into JSON. An updated table is available at: https://github.com/boucadair/draft-dots-telemetry/blob/master/mapping-table.txt Cheers, Med De : Jon Shallow [mailto:supjps-ietf@jpshallow.com] Envoyé : vendredi 21 février 2020 16:46 À : BOUCADAIR Mohamed TGI/OLN; Konda, Tirumaleswar Reddy; kaname nishizuka; dots@ietf.org Objet : RE: [Dots] DOTS telemetry questions Hi, See inline Jon1> Regards Jon De : Jon Shallow [mailto:supjps-ietf@jpshallow.com] Envoyé : jeudi 20 février 2020 21:58 À : BOUCADAIR Mohamed TGI/OLN; Konda, Tirumaleswar Reddy; kaname nishizuka Objet : DOTS telemetry questions Hi Guys, 1) For example CBOR mappings Header: PUT (Code=0.03) Uri-Path: ".well-known" Uri-Path: "dots" Uri-Path: "mitigate" Uri-Path: "cuid=dz6pHjaADkaFTbjr0JGBpw" Uri-Path: "mid=123" If-Match: Content-Format: "application/dots+cbor" { "ietf-dots-signal-channel:mitigation-scope": { "scope": [ { "alias-name": [ "myserver" ], "attack-status": "under-attack", "ietf-dots-telemetry:total-attack-traffic": [ { "ietf-dots-telemetry:unit": "megabytes-ps", "ietf-dots-telemetry:mid-percentile-g": "900" } ] } ] } } Figure 33: An Example of Mitigation Efficacy Update with Telemetry Attributes And yet the mapping table only has (no ietf-dots-telemetry: prefix) | total-attack-traffic | list |32794 | 4 array | Array | I appreciate that ietf-dots-telemetry:total-attack-traffic and total-attack traffic are the same CBOR value (or are they?) [Med] The same value is used but I didn't check if there are side effects. Jon> Need to think this through. My implementation maps the CBOR into JSON and then works on the JSON to do what is necessary and then converts the JSON response back into CBOR. [Med] An issue with namespaces will be the encountered if the conversion is the same for the attribute when it is carried in a "pure" telemetry message or in an existing signal channel message. Jon1> Correct - I don't like the concept of having 2 mapping tables for mapping the CBOR value back into JSON.
- [Dots] One or two key values (RE: DOTS telemetry … mohamed.boucadair