IETF Logo Mail Archive

Re: [Dots] WGLC for draft-ietf-dots-rfc8782-bis-01

mohamed.boucadair@orange.com Tue, 06 October 2020 12:48 UTC

Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3B5A3A1453; Tue, 6 Oct 2020 05:48:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id smFxssFikK51; Tue, 6 Oct 2020 05:48:57 -0700 (PDT)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.70.36]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01F953A1420; Tue, 6 Oct 2020 05:48:56 -0700 (PDT)
Received: from opfednr04.francetelecom.fr (unknown [xx.xx.xx.68]) by opfednr25.francetelecom.fr (ESMTP service) with ESMTP id 4C5HMq4yKyzCrVd; Tue, 6 Oct 2020 14:48:55 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; s=ORANGE001; t=1601988535; bh=14VUAfoeXAE/6R+3x5yNpJA4BKb5M7/ho023aE+2+zo=; h=From:To:Subject:Date:Message-ID:Content-Type: Content-Transfer-Encoding:MIME-Version; b=EohqesNXr/iBc+86R7iKmXUZZyby2u6XBSL6Sfrj7Ep26GhktnmBmG5KUUXdez9a+ rPyXl4257dKhMRIYxEK33+KBcbR5CB2KTtAbfA056r2aF6aPbyB9umFk850po5lwrw ORKmEvDir91gESdNIU8zUgCWRXDLsCjAhwUCkhujpl218mk50sILyljqloKEn1/FEP kUHF3XYidpnOr+1Dovb0Apv7cN6EX4q9r6zIhv6TC8endO8GYocXkHi0RHw307exQe EH5lv2fRfrjJPaktFCoy6QmhLxI4d9VPJRbpm/mkLwscgZokbVnZPz/F0q2/Jf2EJi Q/eVjUpdFOBow==
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.38]) by opfednr04.francetelecom.fr (ESMTP service) with ESMTP id 4C5HMq3cQxz1y5B; Tue, 6 Oct 2020 14:48:55 +0200 (CEST)
From: mohamed.boucadair@orange.com
To: Yasuaki Morita <yasuaki.morita@lepidum.co.jp>, Valery Smyslov <valery@smyslov.net>
CC: "dots@ietf.org" <dots@ietf.org>, "dots-chairs@ietf.org" <dots-chairs@ietf.org>, "draft-ietf-dots-rfc8782-bis@ietf.org" <draft-ietf-dots-rfc8782-bis@ietf.org>
Thread-Topic: [Dots] WGLC for draft-ietf-dots-rfc8782-bis-01
Thread-Index: AQHWm9iARdqc/jnVQUaJq+rs9dLPiKmKgdjQ
Date: Tue, 06 Oct 2020 12:48:54 +0000
Message-ID: <14948_1601988535_5F7C67B7_14948_426_3_787AE7BB302AE849A7480A190F8B93303154DCDC@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
References: <14ca01d69bd5$dbf0d0a0$93d271e0$@smyslov.net> <CAFDrJwkTPz7xHHxjOGk66XFJsgh=e0Zhri+4rXnPt7WQT_icBA@mail.gmail.com>
In-Reply-To: <CAFDrJwkTPz7xHHxjOGk66XFJsgh=e0Zhri+4rXnPt7WQT_icBA@mail.gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.247]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/ugb90dVa_5Rl-BsT-hik-K-oxc0>
Subject: Re: [Dots] WGLC for draft-ietf-dots-rfc8782-bis-01
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Oct 2020 12:48:59 -0000

Hi Yasuaki, 

Thank you for the comments. 

Please see inline. 

Cheers,
Med

> -----Message d'origine-----
> De : Yasuaki Morita [mailto:yasuaki.morita@lepidum.co.jp]
> Envoyé : mardi 6 octobre 2020 14:02
> À : Valery Smyslov <valery@smyslov.net>
> Cc : dots@ietf.org; dots-chairs@ietf.org; draft-ietf-dots-rfc8782-
> bis@ietf.org
> Objet : Re: [Dots] WGLC for draft-ietf-dots-rfc8782-bis-01
> 
> Hi all,
> 
> Let me point out two things about the draft.
> 
> First, lifetime is defined to be an optional leaf on the Yang tree
> diagram.

[Med] I confirm.

> But lifetime is mandatory as other parts of the draft

[Med] It is mandatory in a request and an accepted mitigation response, but not in a conflict response for instance.

The structure applies of the mitigation independently whether this a request, response, conflict, efficacy update, etc.  

 and I believe
> that `lifetime?` in the tree should be replaced by `lifetime`.
> 
> Here is an excerpt from the tree-diagram:
> 
> 
>       structure dots-signal:
>         +-- (message-type)?
>            +--:(mitigation-scope)
>            |  +-- scope* []
>            ...(snip)...
>            |     +-- lifetime?                     union
> 
> 
> >From the description of lifetime:
> 
>    lifetime:  Lifetime of the mitigation request in seconds.
>       ...(snip)...
>       The DOTS server MUST always indicate the actual lifetime in
> the
>       response and the remaining lifetime in status messages sent to
> the
>       DOTS client.
>       This is a mandatory attribute.
> 
> 
> Second, I guess that the attribute `:(client-to-server-only)` for
> attack-status in the tree diagram is redundant or confusing.
> I believe that the clients should be able to obtain its current
> attack-status from the server, but `:(client-to-server-only)` seems
> like forbidding it.

[Med] "attack-status" is an attribute that is sent by a client to share its view on the attack with the server. The server manipulates "status" to report the status as seen at the server side. 

The server does not include the "attack-status" (received from the client) in a GET.

> There is no reason to restrict the server sending attack-status to
> the clients.

[Med] What would be the use case if that constraint was relaxed?


> So I suggest that we simply write
> 
>            |        +-- attack-status?
>            |                iana-dots-signal:attack-status
> 
> instead of
> 
>            |        +--:(client-to-server-only)
>            |           +-- attack-status?
>            |                   iana-dots-signal:attack-status
> 
> 
> Best regards
> Yasuaki
> 
> 
> On Tue, 6 Oct 2020 at 11:43, Valery Smyslov <valery@smyslov.net>
> wrote:
> >
> > Hi,
> >
> > this message starts a two-week working group last call for
> > draft-ietf-dots-rfc8782-bis-01, which will end on Wednesday,
> October
> > 21. Please, review the draft carefully and send your comments to
> the mailing list.
> >
> > Regards,
> > Frank & Valery.
> >
> > _______________________________________________
> > Dots mailing list
> > Dots@ietf.org
> > https://www.ietf.org/mailman/listinfo/dots

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

v2.23.0 | Report a Bug | By Email