Re: [Ace] New Version Notification for draft-navas-ace-secure-time-synchronization-00.txt

Randy Presuhn <> Tue, 01 November 2016 18:10 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 59A6C1296BA for <>; Tue, 1 Nov 2016 11:10:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id em8xcN2z4kx1 for <>; Tue, 1 Nov 2016 11:10:37 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 253A91294DA for <>; Tue, 1 Nov 2016 11:10:37 -0700 (PDT)
Received: by with SMTP id d2so24015408pfd.0 for <>; Tue, 01 Nov 2016 11:10:37 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=UHQ+1qqTEGw+XD1yYXCMIVc475Q9xV8+6+MEkDxMgqg=; b=e2r4CW4rxcUjkf243uqGeZm6gou4d0X/pCFCxFos/LizQBphVxS+fsDzlVTznX5S42 wCn5E2CUm9UvRtpVjKxLdf2nX+QbALpEr6N3MAafOBywaok4TF8XZyBdGBKNSyK6XHcJ NJ0FSRNCLHmhnmgkZjs2nBL/WJ9E0QCEkXHJm3GiisAZwQgjk4NMaRY2Y8mcKFBf+oXq LTEMImneXK5lmet1fwyJhwYiIn7GUPCIB+aXRbGNYtUFbKBi63tC3cc4cY62D2RqGUr2 QmWraGl10My+2Pwgl4SW6f5J14npWGAVxEtPqYSYYX7TFJZRkDooALPNWHhXNFNr7JDo XT9Q==
X-Gm-Message-State: ABUngveiXv9JnGycTmv9giUu9Su+ehRsJwu6AvU/y3w4/pmbdY7Ir+c++GYBTo4XDliw1ZwU
X-Received: by with SMTP id d7mr36348841pfg.3.1478023836172; Tue, 01 Nov 2016 11:10:36 -0700 (PDT)
Received: from [] ( []) by with ESMTPSA id xk6sm43770372pab.26.2016. for <> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 01 Nov 2016 11:10:35 -0700 (PDT)
References: <> <> <>
From: Randy Presuhn <>
Message-ID: <>
Date: Tue, 01 Nov 2016 11:10:36 -0700
User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <>
Subject: Re: [Ace] New Version Notification for draft-navas-ace-secure-time-synchronization-00.txt
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 01 Nov 2016 18:10:38 -0000

Hi -

On 10/31/2016 11:45 PM, Ludwig Seitz wrote:
> On 2016-11-01 01:41, Randy Presuhn wrote:
>> Hi -
>> On 10/31/2016 7:25 AM, Renzo Navas wrote:
>> ...
>>> The need for a secure source of time is getting clearer on ACE (either
>>> that, or mechanisms to assure freshness of each transaction), and we
>>> hope that with this protocol we are giving the first step to come up
>>> with a constrained-resource friendly solution.
>> ...
>> Along the way to SNMPv3, we learned that a full-blown time
>> protocol isn't actually necessary to provide authentication,
>> timeliness, replay protection, etc.  See RFC 3414 for details
>> on how to get these properties cheaply, both from protocol
>> overhead and processing perspectives.
>> Randy
> Does your "etc" include expiration of access tokens?

The standard access control model (VACM, RFC 3415) does not
rely on "access tokens" - what is (and is not) allowed is
determined the currently configured permissions on the system
whose information is being accessed / modified / published,
and the authenticated identity of the user/entity to which the
information is being delivered or by which it is being modified.

This may or may not meet your needs.  The SNMP design was driven
in part by a requirement for things to work correctly even when
large portions of the internet infrastructure (such as NTP,
PKI, DNS, etc.) were malfunctioning, broken, or under attack,
and to work on systems with minimal (from the perspective
of the late 1980s and extending into the 1990s) capabilities.
Again, this might not be necessary here.  It does seem, however,
that what seems like a shortcut here or there can have large
impacts on the ultimate complexity and technology footprint
of a design...