Re: [Ntp] NTS4UPTP Rev 03 - Formal request for WG adoption

"Langer, Martin" <mart.langer@ostfalia.de> Tue, 01 June 2021 23:28 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/-E-OzuxrRnj_92hfaWzXiDl2lVo>

Hello all,

I would like to express my point of view here, even though I am very busy at
the moment and can therefore only follow the discussion to a limited extent.
I am supporting the NTS4UPTP draft, because I also think we need a solution
for PTP. Using a pure NTS secured NTP as watchdog is not sufficient in my opinion.

This discussion applies to my proposal (NTS4PTP) as well. I deliberately haven't
pushed it yet, as it's still under revision. I hope to be able to read all the comments
on this topic next week and be a bit more precise about my point of view.

best regards,

Martin



-------------------
Martin Langer, M.Eng.
Ostfalia Hochschule für angewandte Wissenschaften
- Hochschule Braunschweig/Wolfenbüttel
University of Applied Sciences

Labor Datentechnik, Labor Design Digitaler Systeme
Fakultät Elektrotechnik
Salzdahlumer Straße 46/48
38302 Wolfenbüttel
Germany

Tel.: +49 5331 939 43370
Web: https://www.ostfalia.de/cms/de/pws/bermbach/mitarbeiter/martin-langer


________________________________
From: ntp <ntp-bounces@ietf.org> on behalf of Daniel Franke <dfoxfranke@gmail.com>
Sent: Tuesday, 1 June 2021 22:49:52
To: Steve Guendert
Cc: NTP WG
Subject: Re: [Ntp] NTS4UPTP Rev 03 - Formal request for WG adoption

On Tue, Jun 1, 2021 at 4:34 PM Steve Guendert <Steve.Guendert@ibm.com> wrote:

Hello,

I am the IBM Z (IBM mainframe servers) time synchronization architect and engineering lead. I have been following the thread with great interest because our mainframe customers are quite interested in the subject. 95 of the 100 largest banks in the world run their mission critical applications on IBM mainframes leading many to say the world's economy runs on IBM mainframes. They are the largest data center environments in the world. Time synchronization accuracy, resiliency, and security are top of mind for their CIOs and CTOs. I am usually quiet on these threads. However, since you are debating something that is of critical urgency to my customers, on their behalf I am "chiming in".

Many of you who also work for "vendors" have these very same customers as your own customers for your products.

These IBM mainframe customers are/will be implementing unicast PTP for their mainframe environments. What to do for time synch security (PTP and NTP) is the big question. While the core business applications run on mainframes, these same customers have extensive open systems environments as well, much of which could be running NTP.

I talked with the largest American multinational bank about this topic early last week, and earlier in May with our 40 largest mainframe customers across all industries and geographies. The proposal of NTS4UPTP and its ideas is very important to our customers because they see 1) PTP as a vital part of their future, 2) the idea provides a PTP security solution and 3) as I said earlier, they will still use NTP for some things and the proposal would essentially allow them to use a common security mechanism for both NTP and PTP. A solution that secures only NTP and leaves out PTP is not acceptable to them. It would leave the mainframe time synch environment unprotected.
Now, you may be thinking, well those mainframe environments will just go back to/stay with NTP. Guess again. What will happen is we will be forced to develop something on our own for PTP that meets their needs. Standards based is much preferable to proprietary, but you do what the customer demands.

Too many times, standards bodies seem to focus on "politics" or protecting things/ideas  we may have worked on in the past or personalities.  Most of you don't know me and I don't know you.  I'm just here as someone with intimate first hand knowledge of what a lot of big end users of time synchronization want   to tell you that there are a lot of very large end user companies who would benefit greatly from adopting the proposal under discussion.

Therefore, on behalf of IBM's mainframe customers I would like to ask for support of the adoption of NTS4UPTP Rev 3.

What are the desiderata of "secure PTP" in your view and that of your customers? What must it guarantee, and what adversaries must it guarantee them against?