IETF Logo Mail Archive

Re: [Ntp] NTPv5 draft

Philip Prindeville <philipp@redfish-solutions.com> Tue, 01 December 2020 00:13 UTC

Return-Path: <philipp@redfish-solutions.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03CE33A128B for <ntp@ietfa.amsl.com>; Mon, 30 Nov 2020 16:13:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.889
X-Spam-Level:
X-Spam-Status: No, score=-1.889 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_TVD_FUZZY_SECURITIES=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TDhL5Ijg7kxt for <ntp@ietfa.amsl.com>; Mon, 30 Nov 2020 16:13:42 -0800 (PST)
Received: from mail.redfish-solutions.com (mail.redfish-solutions.com [45.33.216.244]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E23E3A1271 for <ntp@ietf.org>; Mon, 30 Nov 2020 16:13:42 -0800 (PST)
Received: from [192.168.3.4] (67-42-76-224.bois.qwest.net [67.42.76.224] (may be forged)) (authenticated bits=0) by mail.redfish-solutions.com (8.16.1/8.16.1) with ESMTPSA id 0B10DdnY077348 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 30 Nov 2020 17:13:40 -0700
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.20.0.2.21\))
From: Philip Prindeville <philipp@redfish-solutions.com>
In-Reply-To: <49B3601E-C6A9-4B9E-BE9D-7FD69CCC54DC@meinberg-usa.com>
Date: Mon, 30 Nov 2020 17:13:39 -0700
Cc: Dieter Sibold <dsibold.ietf@gmail.com>, Miroslav Lichvar <mlichvar@redhat.com>, "ntp@ietf.org" <ntp@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <45DC9A8E-9EE1-425A-9A74-AE026B1F8CC7@redfish-solutions.com>
References: <20201111161947.GG1559650@localhost> <AA848C67-CFB7-43FC-B190-FD3911360373@gmail.com> <49B3601E-C6A9-4B9E-BE9D-7FD69CCC54DC@meinberg-usa.com>
To: Doug Arnold <doug.arnold@meinberg-usa.com>
X-Mailer: Apple Mail (2.3654.20.0.2.21)
X-Scanned-By: MIMEDefang 2.84 on 192.168.1.3
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/-vNU09ggogaOGR8monUm-UyRekA>
Subject: Re: [Ntp] NTPv5 draft
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2020 00:13:44 -0000

Disagree.

Too many vulnerability exploits have their genesis in things being used in unexpected ways.

I could trick a golf course watering system to stop watering, increase the flammability of the vegetation, and then use it to start an urban wildfire.

I’m okay with using extensions as long as some of them are marked mandatory, or their replacements.

Sorry for the drive-by comments… I know I haven’t been very involved…



> On Nov 30, 2020, at 3:12 PM, Doug Arnold <doug.arnold@meinberg-usa.com> wrote:
> 
> RE security: 
> I think that there is a possibility of a non safety-critical closed network application of ntp that does not need security.  Especially if the client has a limited processor implementation.  I don't know, a golf course watering system or something.
> 
> Mandatory or not, I think that security should be added to the protocol as an extension field, and described in another document.  Security mechanisms change frequently.  I think that there is a good chance that we, or someone, will define a successor to NTS within 10 years.  But the over the wire ntp specification might last longer.  One of the virtues of Miroslav's proposal is that the minimum ptp message and protocol are simple and everything else is an extension. 
> 
> Doug
> 
> On 11/30/20, 2:12 PM, "ntp on behalf of Dieter Sibold" <ntp-bounces@ietf.org on behalf of dsibold.ietf@gmail.com> wrote:
> 
>    Hi Miroslav
> 
>    Many thanks for your NTPv5 proposal.
> 
>    With my working group chair’s hat off!
> 
>    I have following comments:
> 
> 
>    1. Security
> 
>    The protocol as proposed is missing a security approach. There are no 
>    mechanisms described to provide authentication, integrity protection and 
>    maybe encryption. I very much agree with Jame’s proposed draft that a 
>    new version of NTP must provide these mechanisms by default.  Sure, you 
>    can add NTS to protect the NTPv5 packets. But in this case protection is 
>    always an optional add-on whereas it needs to be an inherent part of the 
>    basic protocol. To achieve this the NTS approach certainly can be 
>    transferred to the basic v5 protocol and packet format.
> 
> 
> 
> 
>    2. Interleave and 2-Step
> 
>    I agree with Doug to decide with approach to provide with NTPv5. 
>    Providing both 2-Step and Interleave may increase complexity 
>    unnecessarily. Personally, I find that the 2-step approach with the 
>    follow-up message is more concise. And since the first message only need 
>    to be very small (it just needs to contain the information to ensure 
>    correlation with the follow up) the waste of network bandwidth is very 
>    small.
> 
> 
> 
>    3. Traceability
> 
>    It would make sense that the v5-packets optionally provide information 
>    about the uncertainty of the timestamps taken. These formally for 
>    establishing traceability. Additionally, in order to maintain 
>    traceability during the time period in which leap smearing is applied 
>    the client needs to obtain the necessary information to calculate the 
>    offset between UTC and smeared time. This also is mandatory to maintain 
>    traceability.
> 
> 
>    Dieter
> 
> 
> 
> 
> 
> 
> 
> 
> 
>    On 11 Nov 2020, at 17:19, Miroslav Lichvar wrote:
> 
>> As promised on the previous meetings, I wrote an NTPv5 draft. It's
>> based on the proposal I sent to this list few months ago, with few
>> improvements like timestamp fields seperated from cookies, etc. It
>> still needs a lot of work to be able to stand on its own, but I think
>> it should be good enough for people here to understand how it is
>> intended to work.
>> 
>> It's too late to submit it for the upcoming meeting. Here is a link to
>> a txt version if anyone would like to read it and discuss it here:
>> 
>> https://gist.github.com/mlichvar/2bee94a706d60da9ca88d712afef083e
>> 
>> -- 
>> Miroslav Lichvar
>> 
>> _______________________________________________
>> ntp mailing list
>> ntp@ietf.org
>> https://www.ietf.org/mailman/listinfo/ntp
> 
>    _______________________________________________
>    ntp mailing list
>    ntp@ietf.org
>    https://www.ietf.org/mailman/listinfo/ntp
> 
> _______________________________________________
> ntp mailing list
> ntp@ietf.org
> https://www.ietf.org/mailman/listinfo/ntp

v2.23.0 | Report a Bug | By Email