Re: [Ntp] NTP Security (was NTPv5: big picture)

Mark Andrews <marka@isc.org> Mon, 18 January 2021 12:04 UTC

From: Mark Andrews <marka@isc.org>
Date: Mon, 18 Jan 2021 23:03:53 +1100
Message-Id: <E083B41B-1ADB-482F-8617-B58BC12919BD@isc.org>
References: <20210118113806.33BBE40605C@ip-64-139-1-69.sjc.megapath.net>
Cc: FUSTE Emmanuel <emmanuel.fuste@thalesgroup.com>, ntp@ietf.org
In-Reply-To: <20210118113806.33BBE40605C@ip-64-139-1-69.sjc.megapath.net>
To: Hal Murray <hmurray@megapathdsl.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/-rEI1LGirG9AHmebZA5VNt4zRyo>

A long-lived cert is identical to DNSSEC.  The only difference is that DNSSEC uses signature validity periods measured in days rather than years.

-- 
Mark Andrews

> On 18 Jan 2021, at 22:38, Hal Murray <hmurray@megapathdsl.net> wrote:
> 
> 
> emmanuel.fuste@thalesgroup.com said:
>> And all bootstrapping problems could be solved with CD / DO flag controls
>> and validation back checking with the first returned time of day.
> 
> How is that back checking going to work?  You don't know the time yet.
> 
> Sure, it will say "OK" if you are talking to an honest server, but if you are talking to a bad guy, it can lie consistently.  Am I missing something?
> 
> ---------
> 
> I know of 2 solutions for the 10 years on the shelf problem.
> 
> 1) Have a battery that lasts long enough.  Watches are good for a ballpark of 1 second per day, so 10 years will be within an hour.  (worse if the device is stored in hot or cold)
> 
> 2) Preload the box with whatever is needed to get off the ground without good time.  I think that is long lifetime certificates and long lifetime IP addresses.
> 
> Neither is easy, but I think both are possible.
> 
> -- 
> These are my opinions.  I hate spam.
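The trade-off the two posts argue about, as an added Python example that is not part of this thread: a device with an untrusted clock can only decide a validity window if its whole clock error interval falls on one side of the window, which is why a days-long DNSSEC signature period and a years-long preloaded certificate behave differently after 10 years on the shelf. The drift figure, shelf time and dates are constructed from the numbers in the posts.

```python
from datetime import datetime, timedelta

# Constructed figures taken from the thread: watch-grade drift of about
# 1 s/day and a device that sits 10 years (3652 days) on the shelf.
DRIFT_SECONDS_PER_DAY = 1.0
SHELF_DAYS = 3652


def clock_uncertainty(shelf_days, drift_s_per_day=DRIFT_SECONDS_PER_DAY):
    """Worst-case error bound of a battery-backed clock after shelf_days."""
    return timedelta(seconds=shelf_days * drift_s_per_day)


def check_window(not_before, not_after, local_now, uncertainty):
    """Judge a validity window using only the untrusted local clock.
    The true time lies somewhere in [local_now - u, local_now + u]; the
    answer is only trustworthy if that whole interval agrees."""
    lo, hi = local_now - uncertainty, local_now + uncertainty
    if lo >= not_before and hi <= not_after:
        return "valid"
    if hi < not_before or lo > not_after:
        return "invalid"
    return "ambiguous"  # the error bound straddles a window edge


def bootstrap_scenarios():
    manufactured = datetime(2021, 1, 18)  # constructed build date
    true_now = manufactured + timedelta(days=SHELF_DAYS)
    # Freshly fetched DNSSEC signature: validity measured in days.
    rrsig = (true_now - timedelta(days=7), true_now + timedelta(days=7))
    # Preloaded long-lived certificate: validity measured in years.
    cert = (manufactured, manufactured + timedelta(days=20 * 365))
    # Option 1: battery-backed clock, drifted 20 min over the 10 years.
    u = clock_uncertainty(SHELF_DAYS)
    battery = true_now + timedelta(minutes=20)
    # Option 2: no battery; the clock restarts at the build date and the
    # device cannot know how long it sat, so its "now" is simply wrong.
    no_battery = manufactured
    return {
        "battery/rrsig": check_window(*rrsig, battery, u),
        "battery/cert": check_window(*cert, battery, u),
        "no_battery/rrsig": check_window(*rrsig, no_battery, timedelta(0)),
        "no_battery/cert": check_window(*cert, no_battery, timedelta(0)),
    }


if __name__ == "__main__":
    for name, verdict in bootstrap_scenarios().items():
        print(f"{name:18s} {verdict}")
```

With a battery the hour of accumulated drift is small against both windows, so both checks pass; without one, the days-long signature is rejected as not yet valid while the years-long certificate still checks out, which is the gap a preloaded trust anchor is meant to bridge.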