Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NTP) Options for DHCPv6

"TS Glassey" <tglassey@earthlink.net> Wed, 21 November 2007 15:19 UTC

From: TS Glassey <tglassey@earthlink.net>
To: Danny Mayer <mayer@ntp.org>, Ralph Droms <rdroms@cisco.com>
Subject: Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NTP) Options for DHCPv6
Date: Wed, 21 Nov 2007 07:18:58 -0800
Cc: ntpwg@lists.ntp.org, dhcwg@ietf.org, Brian Utterback <Brian.Utterback@Sun.COM>, "Richard Gayraud ((rgayraud))" <rgayraud@cisco.com>

----- Original Message ----- 
From: "Danny Mayer" <mayer@ntp.org>
To: "Ralph Droms" <rdroms@cisco.com>
Cc: <ntpwg@lists.ntp.org>; <dhcwg@ietf.org>; "Brian Utterback" 
<Brian.Utterback@Sun.COM>; "Richard Gayraud ((rgayraud))" 
<rgayraud@cisco.com>
Sent: Friday, November 16, 2007 7:33 AM
Subject: Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NTP) Options for DHCPv6


> Ralph Droms wrote:
>> DHCPv6 does not use IPSEC between the client and the server.  Rather,
>> it uses a shared key for authentication and message verification.
>>
>> It is possible to use IPSEC between a relay agent and a server.
>>
>
> Thanks for the correction. As long as the shared key authentication does
> not depend on a valid time in any way then this is fine.

That potentially eliminates the use of KRB5 Tokens.

>
> Danny
>> - Ralph
>>
>> On Nov 15, 2007, at 11:26 PM, Danny Mayer wrote:
>>
>>> Brian Utterback wrote:
>>>> Interesting. I agree that a key needs to be specified somehow, but it
>>>> is not clear to me how to do it. We have to assume that the client
>>>> does not have the same NTP keys. However, we would like a way to
>>>> specify a server and keys securely, so that the security of the
>>>> network depends only on the security of DHCP. Again I am not up to
>>>> date, *is* there a secure DHCP? If so, then how to get keys to the
>>>> clients becomes an issue.
>>>
>>> DHCPv6 uses IPSEC for security. However, as I pointed out in my own
>>> response, if you are provisioning an NTP server then it means that NTP
>>> is not running at the time and any security that requires reasonably
>>> close timestamps at both ends is likely to fail.
>>>
>>> Danny
>>>
>>> _______________________________________________
>>> dhcwg mailing list
>>> dhcwg@ietf.org
>>> https://www1.ietf.org/mailman/listinfo/dhcwg
>>
>
> _______________________________________________
> ntpwg mailing list
> ntpwg@lists.ntp.org
> https://lists.ntp.org/mailman/listinfo/ntpwg 


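The concern raised in this thread, that authentication which depends on a valid clock fails on a client that is only now learning its NTP server, shown as an added example (not code from the thread or from any DHCPv6 implementation). The message layout, HMAC-SHA256, the key, the option payload and the 300-second skew window are assumptions for illustration; this is not the DHCPv6 wire format.

```python
import hashlib
import hmac
import struct

SHARED_KEY = b"constructed-demo-key"    # constructed sample key
MAX_SKEW = 300                          # assumed Kerberos-style clock tolerance, seconds

def sign(key, payload, field):
    """Server side: append a 64-bit field (counter or timestamp) and an HMAC tag."""
    body = payload + struct.pack("!Q", field)
    return body + hmac.new(key, body, hashlib.sha256).digest()

def _split(key, msg):
    """Check the tag; return (payload, field), or None if the message is invalid."""
    if len(msg) < 40:                   # 8-byte field + 32-byte tag at minimum
        return None
    body, tag = msg[:-32], msg[-32:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return body[:-8], struct.unpack("!Q", body[-8:])[0]

def verify_counter(key, msg, last_seen):
    """Time-independent: valid tag and a counter above the last one accepted."""
    parsed = _split(key, msg)
    return parsed is not None and parsed[1] > last_seen

def verify_timestamp(key, msg, local_clock):
    """Time-dependent: valid tag and a timestamp within MAX_SKEW of the local clock."""
    parsed = _split(key, msg)
    return parsed is not None and abs(parsed[1] - local_clock) <= MAX_SKEW

def demo():
    server_time = 1195658338            # 2007-11-21 15:18:58 UTC as seconds since epoch
    unset_clock = 0                     # client whose clock has never been set
    payload = b"ntp-server=2001:db8::123"   # constructed option content
    by_counter = sign(SHARED_KEY, payload, 7)
    by_time = sign(SHARED_KEY, payload, server_time)
    tampered = bytes([by_counter[0] ^ 1]) + by_counter[1:]
    return {
        "counter_unset_clock": verify_counter(SHARED_KEY, by_counter, last_seen=6),
        "counter_replayed": verify_counter(SHARED_KEY, by_counter, last_seen=7),
        "counter_tampered": verify_counter(SHARED_KEY, tampered, last_seen=6),
        "timestamp_unset_clock": verify_timestamp(SHARED_KEY, by_time, unset_clock),
        "timestamp_synced_clock": verify_timestamp(SHARED_KEY, by_time, server_time + 2),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {accepted}")
```

The same correctly keyed message is rejected by the timestamp check on the unset clock and accepted once the clock is within the window, while the counter check never consults the local clock.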