Minutes interim-2017-dots-01: Wed 10:00

Meeting Minutes DDoS Open Threat Signaling (dots) WG
Title Minutes interim-2017-dots-01: Wed 10:00
State Active
Other versions plain text
Last updated 2017-02-23

Meeting Minutes

   DDoS Open Threat Signaling (DOTS) WG Virtual Interim Meeting Agenda

Wednesday, February 22, 2017
3:00 - 4:30 PM UTC

1. Note well, logistics and introduction (chairs, 5 min)
Presenters: Roman Danyliw, Tobias Gondrom

The chairs presented a summary of the working group's activities.

Approximately 19 participants were online through-out the virtual interim

2. Use Case Discussion
Presenter: Roland Dobbins
use-cases-03-00.pdf Draft: draft-ietf-dots-use-cases-03

Dobbins summarized changes in the -03 draft and the remaining tasks.  The -04
draft is planned to be published on March 10th.

Q: (Dave Dolson): Are the open issues on github?
Q: (Andrew Mortensen): +1
A: (Roland Dobbins): No, but they could be.

Q: (Tobias Gondrom): Could any interim text be published ASAP (so as to not
wait until March 10 since the draft cut-off is approaching)? A: (Roland
Dobbins): Yes.

Q: (Andrew Mortensen): Do you anticipate any needed revisions to the
architecture draft due to the planned -04 draft? A: (Roland Dobbins): Not at
this time.

Q: (Tiru Reddy): Does the draft discuss a multi-homing scenario?
A: (Roland Dobbins): Yes, that's already covered.

3. Requirements Discussion
Presenter: Andrew Mortensen
requirements-03-00.pdf Draft: draft-ietf-dots-requirements-03

Mortensen discussed the changes in the -03 draft and recent feedback on the
mailing list.

Comment: (Frank Xia): The notion of a "session" is mentioned in the
architecture and requirements document.  It would be better to define it only
in one place.

Comment: (Frank Xia): There don't appear to be many requirement for the data
channel A: (Andrew Mortensen): We may want to remove these details and let the
data model stand for themselves. A: (Kathleen Moriarty): Are you suggesting
combining the requirements and use case documents? A: (Andrew Mortensen): Not
exactly. A: (Kathleen Moriarty): The IESG would prefer less informational
requirements/architecture documents

4. Architecture Discussion
Presenter: Andrew Mortensen
architecture-01-00.pdf Draft: draft-ietf-dots-architecture-01

Mortensen discussed the changes in the -02 draft.

Comment: (Roman Danyliw): The text would benefit more discussion of the privacy

5. Protocol Drafts

Presenter: Tiru Reddy

Reddy presented the -04 changes to the draft.

Q: (?): Does RESTCONF support imply full NETCONF use?
A: (Tiru Reddy): No, that wouldn't be mandatory

Q: (Roman Danyliw): Could you describe the consolidation activities between
this -04 version of the draft and draft-teague-dots- protocol-02? A: (Tiru
Reddy and Andrew Mortensen): The new changes in this -04 draft address the data
channel needs originally described in draft-teague-dots-protocol-01. 
Therefore, draft-teague-dots-protocol-02 has dropped specification of the data

Presenter: Tiru Reddy

Reddy presented the changes to the -08 draft.

Comment: (Andrew Mortensen): I like the new CBOR/YANG modeling in this revision.

Presenter: Nik Teague

Teague presented the changes to the -02 draft and the outstanding tasks.

Q: (Susan Hares): How much mitigation information is needed in the signaling
protocol? A: (Andrew Mortensen): RESTCONF has a lot of semantics for telemetry.
 However, the signal channel should remain lightweight.  This kind of
information should be in the data channel. A; (Susan Hares): There is also work
with RESTCONF on pub-sub.

Q: (Dave Dolson): is a session really required?
A: (Andrew Mortensen): "session" is likely overloaded in the document.  We'd
like it to be asynchronous with the only overhead being the establishing the
DTLS session.

6. Open Mic

Q: (Andrew Mortensen): How much does the WG care about QUIC?
A: (Roland Dobbins): The question likely needs to be bounded a bit more.
A: (Tiru Reddy): There may be concerns using it during attacks (due to
fragmentation). A: (Nik Teague): I'm interested.

Q: (Susan Hares): As to the signal channels, how much validation do you expect
on the message? A: (Tiru Reddy): All COAP validation would occur in the COAP
stack (not the DOTS client/server).

Q: (Susan Hares): Will the anycast usage be done with no updates?
A: (Tiru Reddy): Yes.
A: (Andrew Mortensen): There is some language about this topic in the
architecture draft. A: (Susan Hares): It would benefit from additional clarity

Comment: (Susan Hares): I don't understand how you plan to use events to status
to clients -- unicast?  anycast?

Comment: (Tiru Reddy): How will we perform key management to ensure privacy?

7. Closing
Presenters: Roman Danyliw, Tobias Gondrom

** Interim IETF 98 agenda will be published this Friday (2/22/2017)
** Based on the interim agenda, design team meetings during IETF 98 will be