| draft-ietf-dots-requirements-05.txt | draft-ietf-dots-requirements-06.txt | |||
|---|---|---|---|---|
| DOTS A. Mortensen | DOTS A. Mortensen | |||
| Internet-Draft Arbor Networks | Internet-Draft Arbor Networks | |||
| Intended status: Informational R. Moskowitz | Intended status: Informational R. Moskowitz | |||
| Expires: December 9, 2017 HTT Consulting | Expires: January 4, 2018 HTT Consulting | |||
| T. Reddy | T. Reddy | |||
| McAfee, Inc. | McAfee, Inc. | |||
| June 07, 2017 | July 03, 2017 | |||
| Distributed Denial of Service (DDoS) Open Threat Signaling Requirements | Distributed Denial of Service (DDoS) Open Threat Signaling Requirements | |||
| draft-ietf-dots-requirements-05 | draft-ietf-dots-requirements-06 | |||
| Abstract | Abstract | |||
| This document defines the requirements for the Distributed Denial of | This document defines the requirements for the Distributed Denial of | |||
| Service (DDoS) Open Threat Signaling (DOTS) protocols coordinating | Service (DDoS) Open Threat Signaling (DOTS) protocols coordinating | |||
| attack response against DDoS attacks. | attack response against DDoS attacks. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| skipping to change at page 1, line 35 ¶ | skipping to change at page 1, line 35 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on December 9, 2017. | This Internet-Draft will expire on January 4, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 17 ¶ | skipping to change at page 2, line 17 ¶ | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 1.1. Context and Motivation . . . . . . . . . . . . . . . . . 2 | 1.1. Context and Motivation . . . . . . . . . . . . . . . . . 2 | |||
| 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 | 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 5 | 2. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 2.1. General Requirements . . . . . . . . . . . . . . . . . . 7 | 2.1. General Requirements . . . . . . . . . . . . . . . . . . 7 | |||
| 2.2. Signal Channel Requirements . . . . . . . . . . . . . . . 7 | 2.2. Signal Channel Requirements . . . . . . . . . . . . . . . 7 | |||
| 2.3. Data Channel Requirements . . . . . . . . . . . . . . . . 11 | 2.3. Data Channel Requirements . . . . . . . . . . . . . . . . 11 | |||
| 2.4. Security requirements . . . . . . . . . . . . . . . . . . 13 | 2.4. Security requirements . . . . . . . . . . . . . . . . . . 13 | |||
| 2.5. Data Model Requirements . . . . . . . . . . . . . . . . . 13 | 2.5. Data Model Requirements . . . . . . . . . . . . . . . . . 14 | |||
| 3. Congestion Control Considerations . . . . . . . . . . . . . . 15 | 3. Congestion Control Considerations . . . . . . . . . . . . . . 15 | |||
| 3.1. Signal Channel . . . . . . . . . . . . . . . . . . . . . 15 | 3.1. Signal Channel . . . . . . . . . . . . . . . . . . . . . 15 | |||
| 3.2. Data Channel . . . . . . . . . . . . . . . . . . . . . . 15 | 3.2. Data Channel . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| 4. Security Considerations . . . . . . . . . . . . . . . . . . . 15 | 4. Security Considerations . . . . . . . . . . . . . . . . . . . 15 | |||
| 5. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 15 | 5. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16 | 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 7. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 16 | 7. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 7.1. 04 revision . . . . . . . . . . . . . . . . . . . . . . . 16 | 7.1. 04 revision . . . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 7.2. 03 revision . . . . . . . . . . . . . . . . . . . . . . . 16 | 7.2. 03 revision . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 7.3. 02 revision . . . . . . . . . . . . . . . . . . . . . . . 17 | 7.3. 02 revision . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 7.4. 01 revision . . . . . . . . . . . . . . . . . . . . . . . 17 | 7.4. 01 revision . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 7.5. 00 revision . . . . . . . . . . . . . . . . . . . . . . . 17 | 7.5. 00 revision . . . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 7.6. Initial revision . . . . . . . . . . . . . . . . . . . . 17 | 7.6. Initial revision . . . . . . . . . . . . . . . . . . . . 18 | |||
| 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 | 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 8.1. Normative References . . . . . . . . . . . . . . . . . . 18 | 8.1. Normative References . . . . . . . . . . . . . . . . . . 18 | |||
| 8.2. Informative References . . . . . . . . . . . . . . . . . 19 | 8.2. Informative References . . . . . . . . . . . . . . . . . 19 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 19 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 | |||
| 1. Introduction | 1. Introduction | |||
| 1.1. Context and Motivation | 1.1. Context and Motivation | |||
| Distributed Denial of Service (DDoS) attacks continue to plague | Distributed Denial of Service (DDoS) attacks continue to plague | |||
| network operators around the globe, from Tier-1 service providers on | network operators around the globe, from Tier-1 service providers on | |||
| down to enterprises and small businesses. Attack scale and frequency | down to enterprises and small businesses. Attack scale and frequency | |||
| similarly have continued to increase, in part as a result of software | similarly have continued to increase, in part as a result of software | |||
| vulnerabilities leading to reflection and amplification attacks. | vulnerabilities leading to reflection and amplification attacks. | |||
| skipping to change at page 9, line 21 ¶ | skipping to change at page 9, line 21 ¶ | |||
| status messages SHOULD include the following mitigation metrics: | status messages SHOULD include the following mitigation metrics: | |||
| * Total number of packets blocked by the mitigation | * Total number of packets blocked by the mitigation | |||
| * Current number of packets per second blocked | * Current number of packets per second blocked | |||
| * Total number of bytes blocked | * Total number of bytes blocked | |||
| * Current number of bytes per second blocked | * Current number of bytes per second blocked | |||
| DOTS clients SHOULD take these metrics into account when | DOTS clients MAY take these metrics into account when determining | |||
| determining whether to ask the DOTS server to cease mitigation. | whether to ask the DOTS server to cease mitigation. | |||
| Once a DOTS client requests mitigation, the client MAY withdraw | Once a DOTS client requests mitigation, the client MAY withdraw | |||
| that request at any time, regardless of whether mitigation is | that request at any time, regardless of whether mitigation is | |||
| currently active. The DOTS server MUST immediately acknowledge a | currently active. The DOTS server MUST immediately acknowledge a | |||
| DOTS client's request to stop mitigation. | DOTS client's request to stop mitigation. | |||
| To protect against route or DNS flapping caused by a client | To protect against route or DNS flapping caused by a client | |||
| rapidly toggling mitigation, and to dampen the effect of | rapidly toggling mitigation, and to dampen the effect of | |||
| oscillating attacks, DOTS servers MAY allow mitigation to continue | oscillating attacks, DOTS servers MAY allow mitigation to continue | |||
| for a limited period after acknowledging a DOTS client's | for a limited period after acknowledging a DOTS client's | |||
| skipping to change at page 10, line 31 ¶ | skipping to change at page 10, line 31 ¶ | |||
| are out of scope for this document, but MUST be included in the | are out of scope for this document, but MUST be included in the | |||
| mitigation rejection message from the server, per SIG-005. | mitigation rejection message from the server, per SIG-005. | |||
| SIG-007 Mitigation Scope: DOTS clients MUST indicate desired | SIG-007 Mitigation Scope: DOTS clients MUST indicate desired | |||
| mitigation scope. The scope type will vary depending on the | mitigation scope. The scope type will vary depending on the | |||
| resources requiring mitigation. All DOTS agent implementations | resources requiring mitigation. All DOTS agent implementations | |||
| MUST support the following required scope types: | MUST support the following required scope types: | |||
| * IPv4 addresses in dotted quad format | * IPv4 addresses in dotted quad format | |||
| * IPv4 address prefixes in CIDR notation [RFC4632] | * IPv4 prefixes in CIDR notation [RFC4632] | |||
| * IPv6 addresses [RFC2373] | * IPv6 addresses [RFC4291][RFC5952] | |||
| * IPv6 address prefixes [RFC2373] | * IPv6 prefixes [RFC4291][RFC5952] | |||
| * Domain names [RFC1035] | * Domain names [RFC1035] | |||
| The following mitigation scope types are OPTIONAL: | The following mitigation scope types are OPTIONAL: | |||
| * Uniform Resource Identifiers [RFC3986] | * Uniform Resource Identifiers [RFC3986] | |||
| DOTS agents MUST support mitigation scope aliases, allowing DOTS | DOTS agents MUST support mitigation scope aliases, allowing DOTS | |||
| client and server to refer to collections of protected resources | client and server to refer to collections of protected resources | |||
| by an opaque identifier created through the data channel, direct | by an opaque identifier created through the data channel, direct | |||
| skipping to change at page 11, line 16 ¶ | skipping to change at page 11, line 16 ¶ | |||
| attack details. Such supplemental information is OPTIONAL, and | attack details. Such supplemental information is OPTIONAL, and | |||
| DOTS servers MAY ignore it when enabling countermeasures on the | DOTS servers MAY ignore it when enabling countermeasures on the | |||
| mitigator. | mitigator. | |||
| As an active attack evolves, clients MUST be able to adjust as | As an active attack evolves, clients MUST be able to adjust as | |||
| necessary the scope of requested mitigation by refining the scope | necessary the scope of requested mitigation by refining the scope | |||
| of resources requiring mitigation. | of resources requiring mitigation. | |||
| SIG-008 Mitigation Efficacy: When a mitigation request by a DOTS | SIG-008 Mitigation Efficacy: When a mitigation request by a DOTS | |||
| client is active, DOTS clients SHOULD transmit a metric of | client is active, DOTS clients SHOULD transmit a metric of | |||
| perceived mitigation efficacy to the DOTS server, per "Automatic | perceived mitigation efficacy to the DOTS server. DOTS servers | |||
| or Operator-Assisted CPE or PE Mitigators Request Upstream DDoS | ||||
| Mitigation Services" in [I-D.ietf-dots-use-cases]. DOTS servers | ||||
| MAY use the efficacy metric to adjust countermeasures activated on | MAY use the efficacy metric to adjust countermeasures activated on | |||
| a mitigator on behalf of a DOTS client. | a mitigator on behalf of a DOTS client. | |||
| SIG-009 Conflict Detection and Notification: Multiple DOTS clients | SIG-009 Conflict Detection and Notification: Multiple DOTS clients | |||
| controlled by a single administrative entity may send conflicting | controlled by a single administrative entity may send conflicting | |||
| mitigation requests for pool of protected resources , as a result | mitigation requests for pool of protected resources , as a result | |||
| of misconfiguration, operator error, or compromised DOTS clients. | of misconfiguration, operator error, or compromised DOTS clients. | |||
| DOTS servers attempting to honor conflicting requests may flap | DOTS servers attempting to honor conflicting requests may flap | |||
| network route or DNS information, degrading the networks | network route or DNS information, degrading the networks | |||
| attempting to participate in attack response with the DOTS | attempting to participate in attack response with the DOTS | |||
| clients. DOTS servers SHALL detect such conflicting requests, and | clients. DOTS servers SHALL detect such conflicting requests, and | |||
| SHALL notify the DOTS clients in conflict. The notification | SHALL notify the DOTS clients in conflict. The notification | |||
| SHOULD indicate the nature and scope of the conflict, for example, | SHOULD indicate the nature and scope of the conflict, for example, | |||
| the overlapping prefix range in a conflicting mitigation request. | the overlapping prefix range in a conflicting mitigation request. | |||
| SIG-010: Network Address Translator Traversal: The DOTS protocol | SIG-010: Network Address Translator Traversal: DOTS clients may be | |||
| MUST operate over networks in which Network Address Translation | deployed behind a Network Address Translator (NAT), and need to | |||
| (NAT) is deployed. If UDP is used as the transport for the DOTS | communicate with DOTS servers through the NAT. DOTS protocols | |||
| signal channel, all considerations in "Middlebox Traversal | MUST therefore be capable of traversing NATs. | |||
| Guidelines" in [RFC5405] apply to DOTS. Regardless of transport, | ||||
| DOTS protocols MUST follow established best common practices | If UDP is used as the transport for the DOTS signal channel, all | |||
| (BCPs) for NAT traversal. | considerations in "Middlebox Traversal Guidelines" in [RFC5405] | |||
| apply to DOTS. Regardless of transport, DOTS protocols MUST | ||||
| follow established best common practices (BCPs) for NAT traversal. | ||||
| 2.3. Data Channel Requirements | 2.3. Data Channel Requirements | |||
| The data channel is intended to be used for bulk data exchanges | The data channel is intended to be used for bulk data exchanges | |||
| between DOTS agents. Unlike the signal channel, which must operate | between DOTS agents. Unlike the signal channel, which must operate | |||
| nominally even when confronted with signal degradation due to packet | nominally even when confronted with signal degradation due to packet | |||
| loss, the data channel is not expected to be constructed to deal with | loss, the data channel is not expected to be constructed to deal with | |||
| attack conditions. As the primary function of the data channel is | attack conditions. As the primary function of the data channel is | |||
| data exchange, a reliable transport is required in order for DOTS | data exchange, a reliable transport is required in order for DOTS | |||
| agents to detect data delivery success or failure. | agents to detect data delivery success or failure. | |||
| skipping to change at page 12, line 40 ¶ | skipping to change at page 12, line 40 ¶ | |||
| may be revealed to third-party DOTS agents, such considerations | may be revealed to third-party DOTS agents, such considerations | |||
| are not in scope for this document. | are not in scope for this document. | |||
| DATA-003 Resource Configuration: To help meet the general and signal | DATA-003 Resource Configuration: To help meet the general and signal | |||
| channel requirements in this document, DOTS server implementations | channel requirements in this document, DOTS server implementations | |||
| MUST provide an interface to configure resource identifiers, as | MUST provide an interface to configure resource identifiers, as | |||
| described in SIG-007. DOTS server implementations MAY expose | described in SIG-007. DOTS server implementations MAY expose | |||
| additional configurability. Additional configurability is | additional configurability. Additional configurability is | |||
| implementation-specific. | implementation-specific. | |||
| DATA-004 Black- and whitelist management: DOTS servers SHOULD | DATA-004 Black- and whitelist management: DOTS servers MUST provide | |||
| provide methods for DOTS clients to manage black- and white-lists | methods for DOTS clients to manage black- and white-lists of | |||
| of traffic destined for resources belonging to a client. | traffic destined for resources belonging to a client. | |||
| For example, a DOTS client should be able to create a black- or | For example, a DOTS client should be able to create a black- or | |||
| whitelist entry; retrieve a list of current entries from either | whitelist entry; retrieve a list of current entries from either | |||
| list; update the content of either list; and delete entries as | list; update the content of either list; and delete entries as | |||
| necessary. | necessary. | |||
| How the DOTS server determines client ownership of address space | How the DOTS server authorizes DOTS client management of black- | |||
| is not in scope. | and white-list entries is implementation-specific. | |||
| 2.4. Security requirements | 2.4. Security requirements | |||
| DOTS must operate within a particularly strict security context, as | DOTS must operate within a particularly strict security context, as | |||
| an insufficiently protected signal or data channel may be subject to | an insufficiently protected signal or data channel may be subject to | |||
| abuse, enabling or supplementing the very attacks DOTS purports to | abuse, enabling or supplementing the very attacks DOTS purports to | |||
| mitigate. | mitigate. | |||
| SEC-001 Peer Mutual Authentication: DOTS agents MUST authenticate | SEC-001 Peer Mutual Authentication: DOTS agents MUST authenticate | |||
| each other before a DOTS signal or data channel is considered | each other before a DOTS signal or data channel is considered | |||
| skipping to change at page 13, line 39 ¶ | skipping to change at page 13, line 39 ¶ | |||
| above. | above. | |||
| While the interfaces between downstream DOTS server and upstream | While the interfaces between downstream DOTS server and upstream | |||
| DOTS client within a DOTS gateway are implementation-specific, | DOTS client within a DOTS gateway are implementation-specific, | |||
| those interfaces nevertheless MUST provide security equivalent to | those interfaces nevertheless MUST provide security equivalent to | |||
| that of the signal channels bridged by gateways in the signaling | that of the signal channels bridged by gateways in the signaling | |||
| path. For example, when a DOTS gateway consisting of a DOTS | path. For example, when a DOTS gateway consisting of a DOTS | |||
| server and DOTS client is running on the same logical device, they | server and DOTS client is running on the same logical device, they | |||
| must be within the same process security boundary. | must be within the same process security boundary. | |||
| SEC-003 Message Replay Protection: In order to prevent a passive | SEC-003 Message Replay Protection: To prevent a passive attacker | |||
| attacker from capturing and replaying old messages, DOTS protocols | from capturing and replaying old messages, and thereby potentially | |||
| MUST provide a method for replay detection. | disrupting or influencing the network policy of the receiving DOTS | |||
| agent's domain, DOTS protocols MUST provide a method for replay | ||||
| detection and prevention. | ||||
| Within the signal channel, messages MUST be uniquely identified | ||||
| such that replayed or duplicated messages may be detected and | ||||
| discarded. Unique mitigation requests MUST be processed at most | ||||
| once. | ||||
| SEC-004 Authorization: DOTS servers MUST authorize all messages from | ||||
| DOTS clients which pertain to mitigation, configuration, | ||||
| filtering, or status. | ||||
| DOTS servers MUST reject mitigation requests with scopes which the | ||||
| DOTS client is not authorized to manage. | ||||
| Likewise, DOTS servers MUST refuse to allow creation, modification | ||||
| or deletion of scope aliases and black-/white-lists when the DOTS | ||||
| client is unauthorized. | ||||
| The modes of authorization are implementation-specific. | ||||
| 2.5. Data Model Requirements | 2.5. Data Model Requirements | |||
| The value of DOTS is in standardizing a mechanism to permit elements, | The value of DOTS is in standardizing a mechanism to permit elements, | |||
| networks or domains under or under threat of DDoS attack to request | networks or domains under or under threat of DDoS attack to request | |||
| aid mitigating the effects of any such attack. A well-structured | aid mitigating the effects of any such attack. A well-structured | |||
| DOTS data model is therefore critical to the development of a | DOTS data model is therefore critical to the development of a | |||
| successful DOTS protocol. | successful DOTS protocol. | |||
| DM-001: Structure: The data model structure for the DOTS protocol | DM-001: Structure: The data model structure for the DOTS protocol | |||
| skipping to change at page 18, line 39 ¶ | skipping to change at page 19, line 10 ¶ | |||
| [RFC1191] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191, | [RFC1191] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191, | |||
| DOI 10.17487/RFC1191, November 1990, | DOI 10.17487/RFC1191, November 1990, | |||
| <http://www.rfc-editor.org/info/rfc1191>. | <http://www.rfc-editor.org/info/rfc1191>. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <http://www.rfc-editor.org/info/rfc2119>. | <http://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC2373] Hinden, R. and S. Deering, "IP Version 6 Addressing | ||||
| Architecture", RFC 2373, DOI 10.17487/RFC2373, July 1998, | ||||
| <http://www.rfc-editor.org/info/rfc2373>. | ||||
| [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform | [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform | |||
| Resource Identifier (URI): Generic Syntax", STD 66, | Resource Identifier (URI): Generic Syntax", STD 66, | |||
| RFC 3986, DOI 10.17487/RFC3986, January 2005, | RFC 3986, DOI 10.17487/RFC3986, January 2005, | |||
| <http://www.rfc-editor.org/info/rfc3986>. | <http://www.rfc-editor.org/info/rfc3986>. | |||
| [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing | ||||
| Architecture", RFC 4291, DOI 10.17487/RFC4291, February | ||||
| 2006, <http://www.rfc-editor.org/info/rfc4291>. | ||||
| [RFC4632] Fuller, V. and T. Li, "Classless Inter-domain Routing | [RFC4632] Fuller, V. and T. Li, "Classless Inter-domain Routing | |||
| (CIDR): The Internet Address Assignment and Aggregation | (CIDR): The Internet Address Assignment and Aggregation | |||
| Plan", BCP 122, RFC 4632, DOI 10.17487/RFC4632, August | Plan", BCP 122, RFC 4632, DOI 10.17487/RFC4632, August | |||
| 2006, <http://www.rfc-editor.org/info/rfc4632>. | 2006, <http://www.rfc-editor.org/info/rfc4632>. | |||
| [RFC4821] Mathis, M. and J. Heffner, "Packetization Layer Path MTU | [RFC4821] Mathis, M. and J. Heffner, "Packetization Layer Path MTU | |||
| Discovery", RFC 4821, DOI 10.17487/RFC4821, March 2007, | Discovery", RFC 4821, DOI 10.17487/RFC4821, March 2007, | |||
| <http://www.rfc-editor.org/info/rfc4821>. | <http://www.rfc-editor.org/info/rfc4821>. | |||
| [RFC5405] Eggert, L. and G. Fairhurst, "Unicast UDP Usage Guidelines | [RFC5405] Eggert, L. and G. Fairhurst, "Unicast UDP Usage Guidelines | |||
| for Application Designers", RFC 5405, | for Application Designers", RFC 5405, | |||
| DOI 10.17487/RFC5405, November 2008, | DOI 10.17487/RFC5405, November 2008, | |||
| <http://www.rfc-editor.org/info/rfc5405>. | <http://www.rfc-editor.org/info/rfc5405>. | |||
| [RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6 | ||||
| Address Text Representation", RFC 5952, | ||||
| DOI 10.17487/RFC5952, August 2010, | ||||
| <http://www.rfc-editor.org/info/rfc5952>. | ||||
| 8.2. Informative References | 8.2. Informative References | |||
| [I-D.ietf-dots-architecture] | [I-D.ietf-dots-architecture] | |||
| Mortensen, A., Andreasen, F., Reddy, T., | Mortensen, A., Andreasen, F., Reddy, T., | |||
| christopher_gray3@cable.comcast.com, c., Compton, R., and | christopher_gray3@cable.comcast.com, c., Compton, R., and | |||
| N. Teague, "Distributed-Denial-of-Service Open Threat | N. Teague, "Distributed-Denial-of-Service Open Threat | |||
| Signaling (DOTS) Architecture", draft-ietf-dots- | Signaling (DOTS) Architecture", draft-ietf-dots- | |||
| architecture-02 (work in progress), May 2017. | architecture-03 (work in progress), June 2017. | |||
| [I-D.ietf-dots-use-cases] | [I-D.ietf-dots-use-cases] | |||
| Dobbins, R., Fouant, S., Migault, D., Moskowitz, R., | Dobbins, R., Fouant, S., Migault, D., Moskowitz, R., | |||
| Teague, N., Xia, L., and K. Nishizuka, "Use cases for DDoS | Teague, N., Xia, L., and K. Nishizuka, "Use cases for DDoS | |||
| Open Threat Signaling (DDoS) Open Threat Signaling", | Open Threat Signaling (DDoS) Open Threat Signaling", | |||
| draft-ietf-dots-use-cases-05 (work in progress), May 2017. | draft-ietf-dots-use-cases-05 (work in progress), May 2017. | |||
| [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, | [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, | |||
| A., Peterson, J., Sparks, R., Handley, M., and E. | A., Peterson, J., Sparks, R., Handley, M., and E. | |||
| Schooler, "SIP: Session Initiation Protocol", RFC 3261, | Schooler, "SIP: Session Initiation Protocol", RFC 3261, | |||
| End of changes. 22 change blocks. | ||||
| 38 lines changed or deleted | 63 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||