DDoS Open Threat Signaling
charter-ietf-dots-01
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2022-03-23
|
01 | Amy Vezza | Responsible AD changed to Paul Wouters from Benjamin Kaduk |
2018-03-21
|
01 | Cindy Morgan | Responsible AD changed to Benjamin Kaduk from Kathleen Moriarty |
2015-06-26
|
01 | Cindy Morgan | New version available: charter-ietf-dots-01.txt |
2015-06-26
|
01 | Cindy Morgan | State changed to Approved from IESG review |
2015-06-26
|
01 | Cindy Morgan | IESG has approved the charter |
2015-06-26
|
01 | Cindy Morgan | Closed "Approve" ballot |
2015-06-26
|
01 | Cindy Morgan | Closed "Ready for external review" ballot |
2015-06-26
|
00-07 | Cindy Morgan | WG action text was changed |
2015-06-26
|
00-07 | Cindy Morgan | New version to fix line breaks. |
2015-06-26
|
00-07 | Cindy Morgan | New version available: charter-ietf-dots-00-07.txt |
2015-06-26
|
00-06 | Cindy Morgan | WG action text was changed |
2015-06-25
|
00-06 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2015-06-25
|
00-06 | Kathleen Moriarty | New version available: charter-ietf-dots-00-06.txt |
2015-06-25
|
00-05 | Benoît Claise | [Ballot Position Update] Position for Benoit Claise has been changed to Yes from No Objection |
2015-06-25
|
00-05 | Benoît Claise | [Ballot comment] This might be part of "* Document or Documents describing the problem space, use cases, protocol requirements and other qualifying information as the … [Ballot comment] This might be part of "* Document or Documents describing the problem space, use cases, protocol requirements and other qualifying information as the WG sees fit." but since you listed some deliverables and milestones, it might be worth specifically mentioning an applicatibility statement (or architecture) document explaining how all these elements should communicate together for a complete DDoS service. |
2015-06-25
|
00-05 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2015-06-24
|
00-05 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded for Jari Arkko |
2015-06-24
|
00-05 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2015-06-24
|
00-05 | Brian Haberman | [Ballot Position Update] New position, Yes, has been recorded for Brian Haberman |
2015-06-24
|
00-05 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
2015-06-24
|
00-05 | Martin Stiemerling | [Ballot comment] a remaining it: s/a encapsulation/an encapsulation/ |
2015-06-24
|
00-05 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2015-06-23
|
00-05 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
2015-06-22
|
00-05 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2015-06-22
|
00-05 | Barry Leiba | [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba |
2015-06-22
|
00-05 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2015-06-22
|
00-05 | Kathleen Moriarty | [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty |
2015-06-22
|
00-05 | Kathleen Moriarty | Created "Approve" ballot |
2015-06-22
|
00-05 | Kathleen Moriarty | State changed to IESG review from External review |
2015-06-12
|
00-05 | Cindy Morgan | Telechat date has been changed to 2015-06-25 from 2015-06-11 |
2015-06-12
|
00-05 | Cindy Morgan | State changed to External review from Internal review |
2015-06-12
|
00-05 | Cindy Morgan | WG review text was changed |
2015-06-12
|
00-04 | Cindy Morgan | WG review text was changed |
2015-06-11
|
00-05 | Kathleen Moriarty | New version available: charter-ietf-dots-00-05.txt |
2015-06-11
|
00-04 | Kathleen Moriarty | New version available: charter-ietf-dots-00-04.txt |
2015-06-11
|
00-03 | Martin Stiemerling | [Ballot comment] Thank you for addressing my issue. |
2015-06-11
|
00-03 | Martin Stiemerling | [Ballot Position Update] Position for Martin Stiemerling has been changed to No Objection from Block |
2015-06-11
|
00-03 | Kathleen Moriarty | New version available: charter-ietf-dots-00-03.txt |
2015-06-11
|
00-02 | Benoît Claise | [Ballot comment] Based one the fact that DDOS systems within different ISPs already discuss together today (but with a proprietary protocol), as mentioned by Kathleen, … [Ballot comment] Based one the fact that DDOS systems within different ISPs already discuss together today (but with a proprietary protocol), as mentioned by Kathleen, I'm clearing my DISCUSS. For documentation purposes, the BLOCK was: More of DISCUSS-DISCUSS for the telechat than a BLOCK. "These elements may be communicating inter-domain or intra-domain over links that may be congested by attack traffic resulting in hostile conditions for connection oriented approaches and more generalized signaling and telemetry solutions." "Document or Documents describing the problem space, use cases, protocol requirements and other qualifying information as the WG sees fit." I would strongly encourage the group to focus first on the intra-domain: this is already a huge problem. The inter-domain use cases will lead to different set of requirements (sending telemetry info across domains, potential synchronization of the collecting infrastructure). Sharing IPFIX data between domains is not a reality today, and and when I see "Feedback between participating elements is required for increased awareness supporting effective decision making.", it remains to be seen if elements from different domains will communicate... Don't make the scope too big. ======================== Btw, any link with BGP Flow Spec to block the attack? |
2015-06-11
|
00-02 | Benoît Claise | Ballot comment text updated for Benoit Claise |
2015-06-11
|
00-02 | Benoît Claise | [Ballot comment] Based one the fact that DDOS systems within different ISPs already discuss together today (but with a proprietary protocol), I'm clearing my DISCUSS. … [Ballot comment] Based one the fact that DDOS systems within different ISPs already discuss together today (but with a proprietary protocol), I'm clearing my DISCUSS. For documentation purposes, the BLOCK was: More of DISCUSS-DISCUSS for the telechat than a BLOCK. "These elements may be communicating inter-domain or intra-domain over links that may be congested by attack traffic resulting in hostile conditions for connection oriented approaches and more generalized signaling and telemetry solutions." "Document or Documents describing the problem space, use cases, protocol requirements and other qualifying information as the WG sees fit." I would strongly encourage the group to focus first on the intra-domain: this is already a huge problem. The inter-domain use cases will lead to different set of requirements (sending telemetry info across domains, potential synchronization of the collecting infrastructure). Sharing IPFIX data between domains is not a reality today, and and when I see "Feedback between participating elements is required for increased awareness supporting effective decision making.", it remains to be seen if elements from different domains will communicate... Don't make the scope too big. ======================== Btw, any link with BGP Flow Spec to block the attack? |
2015-06-11
|
00-02 | Benoît Claise | [Ballot Position Update] Position for Benoit Claise has been changed to No Objection from Block |
2015-06-11
|
00-02 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2015-06-11
|
00-02 | Benoît Claise | [Ballot block] More of DISCUSS-DISCUSS for the telechat than a BLOCK. "These elements may be communicating inter-domain or intra-domain over links that may be congested … [Ballot block] More of DISCUSS-DISCUSS for the telechat than a BLOCK. "These elements may be communicating inter-domain or intra-domain over links that may be congested by attack traffic resulting in hostile conditions for connection oriented approaches and more generalized signaling and telemetry solutions." "Document or Documents describing the problem space, use cases, protocol requirements and other qualifying information as the WG sees fit." I would strongly encourage the group to focus first on the intra-domain: this is already a huge problem. The inter-domain use cases will lead to different set of requirements (sending telemetry info across domains, potential synchronization of the collecting infrastructure). Sharing IPFIX data between domains is not a reality today, and and when I see "Feedback between participating elements is required for increased awareness supporting effective decision making.", it remains to be seen if elements from different domains will communicate... Don't make the scope too big. |
2015-06-11
|
00-02 | Benoît Claise | [Ballot comment] Btw, any link with BGP Flow Spec to block the attack? |
2015-06-11
|
00-02 | Benoît Claise | [Ballot Position Update] New position, Block, has been recorded for Benoit Claise |
2015-06-11
|
00-02 | Joel Jaeggli | [Ballot comment] One consistent issue that I have found with pushing telemery and then mitigation upstream is the loss of visibility into the attack. so … [Ballot comment] One consistent issue that I have found with pushing telemery and then mitigation upstream is the loss of visibility into the attack. so while downstream customers may be senders of information at some point they also need any telemetry generated upstream. |
2015-06-11
|
00-02 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2015-06-10
|
00-02 | Terry Manderson | [Ballot comment] The first thing that grabbed me was impact of DOTS on a system/network that is under attack. I think Martin has raised it … [Ballot comment] The first thing that grabbed me was impact of DOTS on a system/network that is under attack. I think Martin has raised it well, so I won't belabour the point. I wonder if this, in the nature of the work, is going to be of a far more experimental nature than it is a standards track body of work? I can foresee _multiple_ iterations (presuming the proponents move passed talking about the problem) over implementation and design principles. As a WG outputting experimental documents it will mean that they will have an interesting time modifying existing RFCs within the WG, but will be able to still collaborate with other WGs as necessary. |
2015-06-10
|
00-02 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2015-06-10
|
00-02 | Spencer Dawkins | [Ballot comment] I have the same question Martin has, in his BLOCK. If there are any requirements for the transport protocol that would disqualify TCP … [Ballot comment] I have the same question Martin has, in his BLOCK. If there are any requirements for the transport protocol that would disqualify TCP (or, for extra credit, SCTP or MP-TCP), it would be great to know that at charter time. Thank you for addressing Stephen's BLOCK-light. |
2015-06-10
|
00-02 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
2015-06-10
|
00-02 | Kathleen Moriarty | New version available: charter-ietf-dots-00-02.txt |
2015-06-10
|
00-01 | Martin Stiemerling | [Ballot block] [updated to DISCUSS, after the email discussion with Tobias] The charter has to document the fact that the WG might be required to … [Ballot block] [updated to DISCUSS, after the email discussion with Tobias] The charter has to document the fact that the WG might be required to evaluate what transport protocol should be used for transporting DOTS. My next question would be: Is there the assumption that the DOTS signaling is travelling the reverse path of the DoS attack? Or is the DOTS signaling ok travelling a different path from one NE under attack the an upstream NE under attack? My original question is below: I support the chartering, but I have a question about this paragraph: "These elements may be communicating inter-domain or intra-domain over links that may be congested by attack traffic resulting in hostile conditions for connection oriented approaches and more generalized signaling and telemetry solutions." Is this text trying to make a statement that, for instance, TCP cannot be used for transporting threat signaling? As this text says "hostile conditions for connection oriented". And if so, what would be the intended alternative, if any? |
2015-06-10
|
00-01 | Martin Stiemerling | [Ballot Position Update] Position for Martin Stiemerling has been changed to Block from No Objection |
2015-06-10
|
00-01 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2015-06-10
|
00-01 | Martin Stiemerling | [Ballot comment] I support the chartering, but I have a question about this paragraph: "These elements may be communicating inter-domain or intra-domain over links that … [Ballot comment] I support the chartering, but I have a question about this paragraph: "These elements may be communicating inter-domain or intra-domain over links that may be congested by attack traffic resulting in hostile conditions for connection oriented approaches and more generalized signaling and telemetry solutions." Is this text trying to make a statement that, for instance, TCP cannot be used for transporting threat signaling? As this text says "hostile conditions for connection oriented". And if so, what would be the intended alternative, if any? |
2015-06-10
|
00-01 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2015-06-10
|
00-01 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2015-06-10
|
00-01 | Brian Haberman | [Ballot Position Update] New position, Yes, has been recorded for Brian Haberman |
2015-06-09
|
00-01 | Ben Campbell | [Ballot comment] I concur with Stephen's comment about privacy-friendly defaults. |
2015-06-09
|
00-01 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
2015-06-08
|
00-01 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
2015-06-08
|
00-01 | Alvaro Retana | [Ballot comment] The text says that the WG will reuse or extend existing standard protocols and mechanisms, which is great! However, is the intent for … [Ballot comment] The text says that the WG will reuse or extend existing standard protocols and mechanisms, which is great! However, is the intent for dots to standardize those extensions (if needed)? IOW, if an existing protocol (for signaling, for example) is extended, I think that the WG responsible for that protocol should be the one driving the standardization based on the requirements from dots. The text mentions ipfix as an example; I know the ipfix WG is closed, so it can't take ownership of the extensions, but the OPS area should at least be consulted. After saying all that, I would suggest adding something explicit about consulting, coordinating, etc. with other WGs that may be responsible for any protocols being extended. Maybe something like this: "Any modification of or extension to existing protocols must be carried out in the working groups responsible for the protocol being modified and in co-ordination with this working group, but may be done in this working group after agreement with all the relevant WG chairs and responsible Area Directors." |
2015-06-08
|
00-01 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2015-06-08
|
00-01 | Stephen Farrell | [Ballot comment] This is not a BLOCK but I'd like to chat about it and may consider it being a BLOCK at the next stage, … [Ballot comment] This is not a BLOCK but I'd like to chat about it and may consider it being a BLOCK at the next stage, depending on the discussion. The text says "providing for privacy in operation" but I think it ought say "providing for privacy in operation, with privacy-friendly choices being the default in all cases" (or similar). This kind of reporting can easily end up privacy-unfriendly, especially when we're saying the WG should consider "network security applications beyond the DDoS problem space" which could be interpreted by some to include very privacy-unfriendly applications. So I think explicitly calling for the default to be whatever privacy-friendly choices exist and are usable is important here. |
2015-06-08
|
00-01 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell |
2015-06-06
|
00-01 | Barry Leiba | [Ballot comment] There is likely significant overlap here with deployed stuff , and M3AAWG would know about that. I will talk with people about that … [Ballot comment] There is likely significant overlap here with deployed stuff , and M3AAWG would know about that. I will talk with people about that during the upcoming week at M3AAWG in Dublin, and I will make sure that the external review message is posted to the M3AAWG Technical Committee. But I would appreciate it if the charter explicitly called out collaboration with M3AAWG. |
2015-06-06
|
00-01 | Barry Leiba | [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba |
2015-06-04
|
00-01 | Kathleen Moriarty | Changed charter milestone "Data model document as proposed standard to IESG", set due date to June 2016 from May 2016 |
2015-06-04
|
00-01 | Kathleen Moriarty | Changed charter milestone "Transport document as proposed standard to IESG", set due date to May 2016 from April 2016 |
2015-06-04
|
00-01 | Kathleen Moriarty | Changed charter milestone "Requirements/use case information document to IESG", set due date to February 2016 from October 2015 |
2015-06-04
|
00-01 | Kathleen Moriarty | New version available: charter-ietf-dots-00-01.txt |
2015-06-04
|
00-00 | Kathleen Moriarty | [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty |
2015-06-04
|
00-00 | Kathleen Moriarty | Placed on agenda for telechat - 2015-06-11 |
2015-06-04
|
00-00 | Kathleen Moriarty | Added charter milestone "Data model document as proposed standard to IESG", due May 2016 |
2015-06-04
|
00-00 | Kathleen Moriarty | Added charter milestone "Transport document as proposed standard to IESG", due April 2016 |
2015-06-04
|
00-00 | Kathleen Moriarty | Added charter milestone "Requirements/use case information document to IESG", due October 2015 |
2015-06-04
|
00-00 | Kathleen Moriarty | WG action text was changed |
2015-06-04
|
00-00 | Kathleen Moriarty | WG review text was changed |
2015-06-04
|
00-00 | Kathleen Moriarty | Created "Ready for external review" ballot |
2015-06-04
|
00-00 | Kathleen Moriarty | State changed to Internal review from Informal IESG review |
2015-06-04
|
00-00 | Kathleen Moriarty | Initial review time expires 2015-06-11 |
2015-06-04
|
00-00 | Kathleen Moriarty | State changed to Informal IESG review from Not currently under review |
2015-06-04
|
00-00 | Kathleen Moriarty | New version available: charter-ietf-dots-00-00.txt |