IETF Logo Mail Archive

[dhcwg] Digital Evidence Standards and a statement that this directly effects NTP and its use...

"TS Glassey" <tglassey@earthlink.net> Wed, 14 November 2007 13:11 UTC

Return-path: <dhcwg-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IsI1g-0003MY-4t; Wed, 14 Nov 2007 08:11:28 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Is3wR-0001vv-97 for dhcwg@ietf.org; Tue, 13 Nov 2007 17:09:07 -0500
Received: from elasmtp-banded.atl.sa.earthlink.net ([209.86.89.70]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Is3wQ-0001bT-IU for dhcwg@ietf.org; Tue, 13 Nov 2007 17:09:07 -0500
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=t/a7fJL5XIKgu8A5gBChOJyUbTrAZ3IFbf7oJDgnvV7W1aGUDMx2y+3/up9oGFc5; h=Received:Message-ID:From:To:References:Subject:Date:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE:X-ELNK-Trace:X-Originating-IP;
Received: from [24.23.176.93] (helo=tsg1) by elasmtp-banded.atl.sa.earthlink.net with asmtp (Exim 4.34) id 1Is3wN-0006Iz-K7; Tue, 13 Nov 2007 17:09:03 -0500
Message-ID: <006801c82641$cd256990$6401a8c0@tsg1>
From: TS Glassey <tglassey@earthlink.net>
To: "David L. Mills" <mills@udel.edu>, ntpwg@lists.ntp.org, dhcwg@ietf.org
References: <A05118C6DF9320488C77F3D5459B17B7062ED3C6@xmb-ams-333.emea.cisco.com><4733482A.7020302@sun.com><A05118C6DF9320488C77F3D5459B17B70634E4E5@xmb-ams-333.emea.cisco.com><4735A243.6090905@sun.com> <47368636.3070007@udel.edu><4736F7A7.2090707@sun.com> <473736A7.5000801@udel.edu><47387778.4030702@sun.com> <47391B04.8080202@udel.edu>
Date: Tue, 13 Nov 2007 09:15:54 -0800
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="original"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138
X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec7931ae74108ea98562e6d420c3cd8f9e42350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 24.23.176.93
X-Spam-Score: 1.4 (+)
X-Scan-Signature: 34d35111647d654d033d58d318c0d21a
X-Mailman-Approved-At: Wed, 14 Nov 2007 08:11:04 -0500
Cc:
Subject: [dhcwg] Digital Evidence Standards and a statement that this directly effects NTP and its use...
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: dhcwg.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Errors-To: dhcwg-bounces@ietf.org

Dave -
There is ANOTHER issue facing this WG and that is that just like the 
"description's" of the NTP Process the AutoKEY system needs to be 
accountable to a standard which allows data captured from such a source to 
be admitted in a court of law and now that there are formal standards many 
of the cool methods of delivering time over networks from a physics 
perspective dont mean squat now to the Courts.

The case that set this standard was called Lorraine v Markel CIVIL ACTION 
NO. PWG-06-1893 and it came out of the US District Court in Maryland on May 
4th 2007 from a Judge (a Chief Magistrate Judge) by the name of Paul Grimm. 
Google the actual ruling here: 
http://www.google.com/search?q=lorraine+v+markel&rls=com.microsoft:en-us:IE-SearchBox&ie=UTF-8&oe=UTF-8&sourceid=ie7&rlz=1I7GGLF

Bluntly, the world changed a tad on May 4th and while this effort is pointed 
at the physics of operating NTP, these new controls impact any work with any 
other Standardized Protocol as well... What this means to people who NTP is 
a part of their commercial offering, is that they MUST apply these new 
standards to this code and its support as well, or they must use their own 
internal code-base's rather than depending on one here. I think this ruling 
re-set the bar heighth, and it is now much higher - even for an Academic 
Entity. As to how this effects this WG, we need to build tools that are 
capable of being used in these key application contexts or this protocol 
will likely be ultimately replaced.

Just my two cents,

Todd Glassey

----- Original Message ----- 
From: "David L. Mills" <mills@udel.edu>
To: <ntpwg@lists.ntp.org>; <dhcwg@ietf.org>
Sent: Monday, November 12, 2007 7:33 PM
Subject: Re: [ntpwg] Network Time Protocol (NTP) Options for DHCPv6


> Brian,
>
> Roaming laptops is what NTP Autokey is designed for. All a properly
> configued laptop would not need anything except a flag that says to use
> it and possibly the public group key. Heck with NTP; use Autokey to
> authenticate the server for anything.
>
> Dave
>
> Brian Utterback wrote:
>
>>
>>
>> David L. Mills wrote:
>>
>>> Brian,
>>>
>>> My model about the keys is that the DHCP server would supply a key ID
>>> for the NTP server(s) as configured, but not the keys themselves. The
>>> keys would have to be configured for the NTP server and client
>>> separately. The DHCP server would be responsible only for the opaque
>>> key ID.
>>>
>>
>> I see what you mean, but I am not sure about the use case here.
>> Certainly if the keys are pre-configured on both the clients and the
>> servers, then the key id is a must.  But I am concerned about the
>> roaming laptop mode here. If I bring my laptop to a network, I would
>> like to be able to get enough info from the DHCP server to allow me
>> to securely connect to the server and have it be authenticated. Perhaps
>> a public key distribution scheme?
>>
>>> There is an issue about the security of the DFCP server itself; that
>>> is another issue. I'm assuming the DHCP server is behind the firewall.
>>
>>
>> Right. Out of the realm of our discussion.
>>
>>>
>>> The mode specification could be any of the valid NTP modes. If client
>>> (3) it would be an ordinary client/server association. A means would
>>> be necessary to specify broadcast client, as that is not a mode in
>>> the strict sense. It could be symmetric active (1), in which case the
>>> victim would initiate that type association. To specify symmetric
>>> passive (2) means that the victim should wait for a symmetric active
>>> (1) packet. This does not seem useful.
>>
>>
>> If you get a broadcast address to use then you should be a broadcast
>> client. I don't see the usefulness of a DHCP client being a symmetric
>> anything. Perhaps this is a failure of imagination on my part.
>>
>>
>
> _______________________________________________
> ntpwg mailing list
> ntpwg@lists.ntp.org
> https://lists.ntp.org/mailman/listinfo/ntpwg 


_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg

v2.23.0 | Report a Bug | By Email