Re: [Dots] draft DOTS WG Charter [updated]

"Teague, Nik" <nteague@verisign.com> Wed, 03 June 2015 13:13 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/dots/4f0rqaTtpTxIcm1qd8bX-hAT7SQ>

Hi,

Updated to correct the nits Tobias highlighted on the milestone date
(Thanks!)

-Nik

-[Charter for Working Group]-

The aim of DDoS Open Threat Signaling (DOTS) is to develop a standards
based approach for the realtime signaling of DDoS related telemetry and
threat handling requests and data between elements concerned with DDoS
attack detection, classification, traceback and mitigation.

The elements may be described as:
* On-premise DDoS mitigation platforms
* Service provider DDoS mitigation platforms
* Other network elements and services with the ability to analyze and/or
influence network traffic

Elements may participate in DDoS detection, classification, traceback and
mitigation individually or within the context of a larger collaborative
system.

These elements may be communicating inter-domain or intra-domain over
links that may be congested by attack traffic resulting in hostile
conditions for connection oriented approaches and more generalized
signaling and telemetry solutions.  Robustness under these conditions is
paramount while ensuring appropriate regard for authentication,
authorization, privacy and data integrity.  Elements may be deployed as
part of a wider strategy incorporating multiple points of DDoS detection,
classification, traceback and mitigation, both on premise or service
provider based.  Should changing conditions necessitate altering the
specifics of mitigation actions and/or the topological scope of mitigation
coverage, timely and effective signaling of telemetry and current threat
status to all elements involved in the mitigation is essential.  Feedback
between participating elements is required for increased awareness
supporting effective decision making.

The WG will, where appropriate, reuse or extend existing standard
protocols and mechanisms (for example, IPFIX and its associated templating
and extension mechanisms).  The WG may coordinate on a situationally
appropriate basis with other working groups and initiatives which
complement the DOTS effort e.g. SACM, MILE, SUPA, I2NSF et al.

The charter of the working group is to produce one or more standards track
specifications to provide for this open signaling in the DDoS problem
space.  While the resulting standards should be designed so they apply to
network security applications beyond the DDoS problem space, this working
group will focus on signaling and coordination mechanisms directly related
to DDoS attack detection, classification, traceback and mitigation,
incorporating the general principles articulated in RFC5218
<https://tools.ietf.org/html/rfc5218>.  Focusing the WG efforts on DDoS is
intended to meet the community's desire for a deployable solution in the
near term.  The specification(s) produced by the WG will include a
standard mechanism for authentication and authorization, data integrity,
and providing for privacy in operation.

The WG will produce the following deliverables and milestones:

* Document or Documents describing the problem space, use cases, protocol
requirements and other qualifying information as the WG sees fit.
* Document or Documents specifying protocols and associated data models to
address the stated goals of the WG.

* Nov-2015: WG document for Requirements/Use Cases (informational)
* Mar-2016: WG document for Transport (proposed standard)
* Apr-2016: WG document for Data Model (proposed standard)

* Feb-2016: Requirements/Use Cases draft to IESG
* May-2016: Transport draft to IESG
* Jun-2016: Data Model draft to IESG

* Periodically re-examine milestones (3x month intervals)