Re: [dhcwg] [ntpwg] Fwd: New Version Notification for draft-ogud-dhc-udp-time-option-01.txt

Kurt Roeckx <kurt@roeckx.be> Tue, 03 December 2013 12:27 UTC

On Sun, Dec 01, 2013 at 07:31:11PM -0500, Danny Mayer wrote:
> I think we need to figure out how to get around the Catch-22 situation
> of DNSSEC requiring relatively good time and NTP wanting to be able to
> use DNS to find valid NTP servers.

If the box doesn't have an rtc, and so maybe starts in 1970, and
doesn't have anything it can trust, there is no way out of it.  You
first need _something_ you can trust, be it time or some
certificate.

I do not trust my ISP, so I don't see how I can get that started
and be sure both that my time is correct and that dnssec validates
properly.  The only way I see around this is that someone manually
checks that the time is correct.


Kurt