Protocol Action: 'Port Randomization in the Network Time Protocol Version 4' to Proposed Standard (draft-ietf-ntp-port-randomization-08.txt)
The IESG <iesg-secretary@ietf.org> Tue, 22 June 2021 13:58 UTC
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Port Randomization in the Network Time Protocol Version 4' to Proposed Standard (draft-ietf-ntp-port-randomization-08.txt)
Cc: The IESG <iesg@ietf.org>, draft-ietf-ntp-port-randomization@ietf.org, ek.ietf@gmail.com, ntp-chairs@ietf.org, ntp@ietf.org, odonoghue@isoc.org, rfc-editor@rfc-editor.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/QLARCODkVHLtRZgL_xbVWGMmazo>

The IESG has approved the following document:
- 'Port Randomization in the Network Time Protocol Version 4'
  (draft-ietf-ntp-port-randomization-08.txt) as Proposed Standard

This document is the product of the Network Time Protocol Working Group.

The IESG contact persons are Erik Kline and Éric Vyncke.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ntp-port-randomization/

Technical Summary

The Network Time Protocol can operate in several modes. Some of these
modes are based on the receipt of unsolicited packets, and therefore
require the use of a well-known port as the local port number.
However, in the case of NTP modes where the use of a well-known port
is not required, employing such well-known port unnecessarily
increases the ability of attackers to perform blind/off-path attacks.
This document formally updates RFC5905, recommending the use of
transport-protocol ephemeral port randomization for those modes where
use of the NTP well-known port is not required.

Working Group Summary

There was nothing particularly noteworthy in the WG process.

Document Quality

Many/most implementations already exhibit this behaviour. More
implementation text is in Section 5.

Personnel

Karen O'Donoghue is the Document Shepherd. Erik Kline is the
Responsible Area Director.
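
An added example, not part of the IESG announcement or the draft: a small audit over captured UDP datagrams that flags NTP requests still sent from the well-known port. It assumes client mode (mode 3 in the RFC 5905 header) is a mode that does not need port 123 as its local port; the function names and the sample datagrams are constructed for illustration.

```python
import struct

NTP_PORT = 123      # NTP well-known port
CLIENT_MODE = 3     # RFC 5905 mode field value for client requests
NTP_HEADER_LEN = 48

def build_ntp(mode, version=4):
    """Constructed 48-byte NTP header: LI=0, given version and mode, rest zero."""
    first = (0 << 6) | (version << 3) | mode
    return struct.pack("!B47x", first)

def parse_mode(payload):
    """Return (version, mode) from the first header byte, or None if truncated."""
    if len(payload) < NTP_HEADER_LEN:
        return None
    first = payload[0]
    return (first >> 3) & 0x7, first & 0x7

def audit(datagrams):
    """Flag client-mode requests whose source port is the well-known port.

    datagrams: iterable of (src_ip, src_port, dst_port, payload).
    Returns a list of (src_ip, src_port, reason) findings.
    """
    findings = []
    for src_ip, sport, dport, payload in datagrams:
        if dport != NTP_PORT:
            continue                      # not addressed to an NTP server
        parsed = parse_mode(payload)
        if parsed is None:
            continue                      # too short to be an NTP header
        _, mode = parsed
        if mode != CLIENT_MODE:
            continue                      # other modes may need port 123 (assumption above)
        if sport == NTP_PORT:
            findings.append((src_ip, sport, "client mode from well-known port"))
    return findings

# Constructed sample capture (documentation addresses, not real traffic).
SAMPLE = [
    ("192.0.2.10", 123,   123, build_ntp(3)),  # client mode from port 123
    ("192.0.2.11", 49812, 123, build_ntp(3)),  # client mode from ephemeral port
    ("192.0.2.12", 123,   123, build_ntp(1)),  # symmetric active, left alone
    ("192.0.2.13", 123,   123, b"\x23"),       # truncated payload, skipped
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
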