I-D Action: draft-stenn-ntp-not-you-refid-00.txt

internet-drafts@ietf.org Fri, 08 July 2016 10:53 UTC

A New Internet-Draft is available from the on-line Internet-Drafts directories.


        Title           : Network Time Protocol Not You REFID
        Authors         : Sharon Goldberg
                          Harlan Stenn
        Filename        : draft-stenn-ntp-not-you-refid-00.txt
        Pages           : 5
        Date            : 2016-07-08

Abstract:
   NTP has been widely used through several revisions, with the latest
   being RFC 5905 [RFC5905].  A core component of the protocol and the
   algorithms is the Reference ID, or REFID, which is used to identify
   the source of time used for synchronization (aka the "system peer").
   Traditionally, when the source of time was another system, the REFID
   was the IPv4 address of that other system.  The purpose of the REFID
   is to prevent a one-degree "timing loop": where if A has several
   timing sources that include B, if B decides to get its time from A,
   then A should not then decide to get its time from B.  The REFID is
   therefore a vital core-component of the base NTP packet.  If a
   system's REFID is the IPv4 address of its time source, then with a
   simple query a remote attacker can learn the target's REFID.  The
   remote attacker can then try to use that information to send spoofed
   NTP packets to the target or the target's time source, attempting to
   cause a disruption in time service [NDSS16].  Since the core purpose
   of the REFID is to prevent a one-degree timing loop, this proposal is
   a backward-compatible way to limit the amount of information that is
   leaked in the REFID.  Specifically, it allows the prevention of one-
   degree timing loops by allowing a system A to reveal to a querying
   system B that B is not A's time source, but without revealing the
   actual time source to which A is synchronized.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-stenn-ntp-not-you-refid/

There's also an htmlized version available at:
https://tools.ietf.org/html/draft-stenn-ntp-not-you-refid-00


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
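
The behaviour the abstract describes, sketched as an added example (not part of the announcement and not code from the draft or from any NTP implementation): server A reveals its real REFID only to the system that is its time source, and every other querier gets a "not you" value. The NOT_YOU_REFID constant and all addresses are constructed placeholders, and a querier whose own address equals the placeholder is not handled here.

```python
import ipaddress
import struct

# Placeholder "not you" value, constructed for this example; the announcement
# does not give the value the draft assigns.
NOT_YOU_REFID = ipaddress.IPv4Address("192.0.2.255")

def refid_for_reply(system_peer, querier):
    """REFID that server A places in its reply to `querier`."""
    if querier == system_peer:
        return system_peer   # B must see its own address to detect the loop
    return NOT_YOU_REFID     # everyone else learns only "you are not my source"

def build_reply(stratum, refid):
    """48-byte NTP header in the RFC 5905 layout, timestamps zeroed."""
    li_vn_mode = (0 << 6) | (4 << 3) | 4  # LI=0, version 4, mode 4 (server)
    # poll=6, precision=-20, root delay and dispersion 0, REFID at bytes 12..15
    return struct.pack("!BBbbII4s32x", li_vn_mode, stratum, 6, -20, 0, 0,
                       refid.packed)

def parse_refid(packet):
    """Return (stratum, REFID as IPv4 address or None)."""
    if len(packet) < 48:
        raise ValueError("short NTP packet")
    stratum = packet[1]
    # At stratum 0 and 1 the field is an ASCII code, not an address.
    refid = ipaddress.IPv4Address(packet[12:16]) if stratum >= 2 else None
    return stratum, refid

def would_loop(packet, my_address):
    """True if the sender of `packet` is synchronized to `my_address`."""
    _, refid = parse_refid(packet)
    return refid is not None and refid == my_address

if __name__ == "__main__":
    b = ipaddress.IPv4Address("203.0.113.7")   # A's system peer (constructed)
    c = ipaddress.IPv4Address("198.51.100.9")  # unrelated querier (constructed)
    for name, who in (("B", b), ("C", c)):
        reply = build_reply(3, refid_for_reply(b, who))
        print(name, "sees REFID", parse_refid(reply)[1],
              "loop" if would_loop(reply, who) else "no loop")
```

B still detects the one-degree loop because it sees its own address, while C cannot learn which system A is synchronized to.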