[Gen-art] Review: draft-ietf-ipsecme-ddos-protection-09

Lucy yong <lucy.yong@huawei.com> Fri, 23 September 2016 21:28 UTC

Return-Path: <lucy.yong@huawei.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 03CCA12B4DD for <gen-art@ietfa.amsl.com>; Fri, 23 Sep 2016 14:28:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.536
X-Spam-Status: No, score=-6.536 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id bW3DbTD7mdtd for <gen-art@ietfa.amsl.com>; Fri, 23 Sep 2016 14:28:40 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com []) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE32C12B67A for <gen-art@ietf.org>; Fri, 23 Sep 2016 14:28:38 -0700 (PDT)
Received: from (EHLO lhreml705-cah.china.huawei.com) ([]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CRU64708; Fri, 23 Sep 2016 21:28:36 +0000 (GMT)
Received: from DFWEML703-CAH.china.huawei.com ( by lhreml705-cah.china.huawei.com ( with Microsoft SMTP Server (TLS) id; Fri, 23 Sep 2016 22:28:35 +0100
Received: from DFWEML501-MBB.china.huawei.com ([]) by DFWEML703-CAH.china.huawei.com ([]) with mapi id 14.03.0235.001; Fri, 23 Sep 2016 14:28:30 -0700
From: Lucy yong <lucy.yong@huawei.com>
To: "A. Jean Mahoney" <mahoney@nostrum.com>, General Area Review Team <gen-art@ietf.org>
Thread-Topic: [Gen-art] Review: draft-ietf-ipsecme-ddos-protection-09
Thread-Index: AdIV4WGbvDw+81ddQQGCBuojKYN+tg==
Date: Fri, 23 Sep 2016 21:28:30 +0000
Message-ID: <2691CE0099834E4A9C5044EEC662BB9D572DA459@dfweml501-mbb>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_2691CE0099834E4A9C5044EEC662BB9D572DA459dfweml501mbb_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.57E59E84.01D0, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 517f1686837bdc13c145215599764e2c
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/2Lh4ERpYH-R3MXdbg50NfxqI7NU>
Subject: [Gen-art] Review: draft-ietf-ipsecme-ddos-protection-09
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Sep 2016 21:28:43 -0000

I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair.  Please treat these comments just like any other last call comments.

For more information, please see the FAQ at


Document: draft-ietf-ipsecme-ddos-protection-09

     Multi-Path Time Synchronization

Reviewer: Lucy Yong

Review Date: 23-Sept-2016

IETF LC End Date: 28-Sept-2016

IESG Telechat date: 29-Sept-2016

Summary: This document is nearly ready for publication as a standard track RFC. Some minor comments. Some nits need to be corrected.

PS: comment for IESG. The document specifies puzzles approach and related protocol to boost the difficulty for DDoS attacks. The protocol description is simple and short; however it spends many pages (section 7) to describe the processes at the Initiator and the Responder. Maybe in future IETF can consider accepting protocol software code in a RFC. This will be easier for author and no need for programmers to read the description and program it (sure they will not come out the same program logic).

Major issues: N/A

Minor issues:

Section 1: 2nd paragraph, bot-nets,

Comment: what is the bot-nets?

Section, 1st paragraph

Comment: "that must be used", should it be "that MUST be used" or "that is used"?

Nits/editorial comments:

Section 6:

s/the puzzle difficulty should/the puzzle difficulty SHOULD/

s/This will This will/This will/

Section 7.1

s/the IKE Responder should/the IKE Responder SHOULD/
s/that puzzles/puzzles/

s/next to/nearly/
s/the level should/the level SHOULD/

s/with another, and negotiate/with another and negotiate/
s/an SA payload, containing/an SA payload containing/
s/this type must/this type MUST/

s/should/SHOULD/ (3 places)
s/may continue to generate/MAY continually generate/

Section 7.1.3
s/the solution to the puzzle contain/the puzzle solution contains/
s/i.e./i.e.,/ (2 places)

Section 7.1.4
s/must/MUST/ (2 places)

Section 7.2
s/The Responder should/The Responder SHOULD/

Section 7.2.2
s/message, containing/message containing/

Section 7.2.4
s/operations i.e.  computing/operations, i.e., computing/

Section 8.1
s/PRF must/PRF MUST/

Section 9
s/Initiators should/Initiators SHOULD/

Section 10
s/Care must/Care MUST/