Re: [Dots] Are we being too restrictive in the Alias definition requirements?
<mohamed.boucadair@orange.com> Thu, 20 September 2018 08:32 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64139130E50 for <dots@ietfa.amsl.com>; Thu, 20 Sep 2018 01:32:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bIdjaNNCXTSG for <dots@ietfa.amsl.com>; Thu, 20 Sep 2018 01:32:31 -0700 (PDT)
Received: from orange.com (mta241.mail.business.static.orange.com [80.12.66.41]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C76A130E4F for <dots@ietf.org>; Thu, 20 Sep 2018 01:32:30 -0700 (PDT)
Received: from opfedar03.francetelecom.fr (unknown [xx.xx.xx.5]) by opfedar21.francetelecom.fr (ESMTP service) with ESMTP id 42G92j20YPz7v1m; Thu, 20 Sep 2018 10:32:29 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.17]) by opfedar03.francetelecom.fr (ESMTP service) with ESMTP id 42G92j0flPzCqkd; Thu, 20 Sep 2018 10:32:29 +0200 (CEST)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM24.corporate.adroot.infra.ftgroup ([fe80::a1e6:3e6a:1f68:5f7e%18]) with mapi id 14.03.0415.000; Thu, 20 Sep 2018 10:32:28 +0200
From: mohamed.boucadair@orange.com
To: Jon Shallow <supjps-ietf@jpshallow.com>, "dots@ietf.org" <dots@ietf.org>
Thread-Topic: [Dots] Are we being too restrictive in the Alias definition requirements?
Thread-Index: AQK2Abf0pMK6nV9J6OIe57dd8LakygJ1ZFOVoyHII7CAAAH00A==
Date: Thu, 20 Sep 2018 08:32:28 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93302DFE2D01@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <110001d450b4$a0da8d80$e28fa880$@jpshallow.com> <787AE7BB302AE849A7480A190F8B93302DFE2C1B@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <113401d450bb$77922580$66b67080$@jpshallow.com>
In-Reply-To: <113401d450bb$77922580$66b67080$@jpshallow.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.6]
Content-Type: multipart/alternative; boundary="_000_787AE7BB302AE849A7480A190F8B93302DFE2D01OPEXCLILMA3corp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/z1FnMHGVMqm3U7HNsTudAu3VzYU>
Subject: Re: [Dots] Are we being too restrictive in the Alias definition requirements?
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Sep 2018 08:32:32 -0000
Re-, Thank you for raising the point. Cheers, Med De : Jon Shallow [mailto:supjps-ietf@jpshallow.com] Envoyé : jeudi 20 septembre 2018 10:25 À : BOUCADAIR Mohamed IMT/OLN; dots@ietf.org Objet : RE: [Dots] Are we being too restrictive in the Alias definition requirements? Hi Med, Not a problem, I just needed to ask the question. Regards Jon From: Dots [mailto: dots-bounces@ietf.org] On Behalf Of mohamed.boucadair@orange.com Sent: 20 September 2018 08:49 To: Jon Shallow; dots@ietf.org Subject: Re: [Dots] Are we being too restrictive in the Alias definition requirements? Hi Jon, Please remind that aliases are meant to identify resources. A single port number does not identify a resource; the combination of an ip address/fqdn and ports does. If you want to include only an port number or a protocol, you can create an alias which will set the target-prefix to all prefixes of the domain. I don't see the need to modify the current text. Thanks. Cheers, Med De : Dots [mailto:dots-bounces@ietf.org] De la part de Jon Shallow Envoyé : jeudi 20 septembre 2018 09:36 À : dots@ietf.org Objet : [Dots] Are we being too restrictive in the Alias definition requirements? Hi there, Signal Draft 4.4.1. Request Mitigation In the PUT request at least one of the attributes 'target-prefix', 'target-fqdn', 'target-uri', or 'alias-name' MUST be present. Data Draft 6.1. Create Aliases In POST or PUT requests, at least one of the 'target-prefix', 'target-fqdn', or 'target-uri' attributes MUST be present. DOTS agents can safely ignore Vendor-Specific parameters they don't understand. So, it is not possible to have an Alias template that contains just ports or protocols that can be used in a mitigation request that does include the 'target-prefix', 'target-fqdn', or 'target-uri' attributes. Is this too restrictive? Possible updates Signal Draft 4.4.1. Request Mitigation NEW: In the PUT request at least one of the attributes 'target-prefix', 'target-fqdn', 'target-uri', or 'alias-name' where the alias contains at least one of the attributes 'target-prefix', 'target-fqdn', 'target-uri', MUST be present. Data Draft 6.1. Create Aliases NEW: In POST or PUT requests, at least one of the 'target-', attributes MUST be present. DOTS agents can safely ignore Vendor-Specific parameters they don't understand. Regards Jon
- [Dots] Are we being too restrictive in the Alias … Jon Shallow
- Re: [Dots] Are we being too restrictive in the Al… mohamed.boucadair
- Re: [Dots] Are we being too restrictive in the Al… Jon Shallow
- Re: [Dots] Are we being too restrictive in the Al… mohamed.boucadair