[Ntp] Roman Danyliw's No Objection on draft-ietf-ntp-chronos-20: (with COMMENT)
Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 12 July 2023 19:22 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: ntp@ietf.org
Delivered-To: ntp@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EA6DC14CE4A; Wed, 12 Jul 2023 12:22:58 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-ntp-chronos@ietf.org, ntp-chairs@ietf.org, ntp@ietf.org, dsibold.ietf@gmail.com, odonoghue@isoc.org, dsibold.ietf@gmail.com
X-Test-IDTracker: no
X-IETF-IDTracker: 11.4.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <168918977844.34874.4932573188724499998@ietfa.amsl.com>
Date: Wed, 12 Jul 2023 12:22:58 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/1Hrgit3oi0KqOel1w8hqS_1Bd6o>
Subject: [Ntp] Roman Danyliw's No Objection on draft-ietf-ntp-chronos-20: (with COMMENT)
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jul 2023 19:22:58 -0000
Roman Danyliw has entered the following ballot position for draft-ietf-ntp-chronos-20: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ntp-chronos/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you to Benjamin M. Schwartz’s SECDIR review. I support Paul Wouter’s DISCUSS position. ** Per the document status, was there WG discussion on making this document experimental status instead of informational? I don’t have a sense of how much field validation there is of this approach. ** IDnits reported: == Unused Reference: 'RFC2119' is defined on line 560, but no explicit reference was found in the text ** I don’t fully understand what a “watchdog” is. It would be helpful to clarify what is being described and the notional implementation mechanism. -- is “Khronos” an algorithm and this is guidance to NTP client implementers? Is there a “Khronos application” and an unmodified “NTP application”? -- Is there any interoperability being described here? -- Per Warren’s ballot, when “Khronos” detects malfeasance, how does it interact with OS or what new behavior does it introduce to a NTP client? ** Section 3. Based on empirical analyses, to minimize the load on NTP servers while providing high security, the Khronos poll interval should be around 10 times the NTPv4 poll interval Since the guidance is “should be around 10 times”, when would you deviate from “10 times”? ** Section 3.1 Calibration is performed at the first time the Khronos is executed, and also periodically, once in a long time (e.g., every few weeks/ months). “Every few weeks” to “months” seems like a large spread of time. What guides the calibration window? ** Section 3.2. Note that the randomness of the server selection is crucial for the security of the scheme and therefore any Khronos implementation should use secure randomness implementation such as used for encryption key generation. If “randomness of the server selection is crucial”, why isn’t it mandatory for Khronos implementations to use a secure randomness implementation? Specification s/implementations should use/implementations must use/
- [Ntp] Roman Danyliw's No Objection on draft-ietf-… Roman Danyliw via Datatracker
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Neta R S
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Danny Mayer
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Neta R S
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Roman Danyliw
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Neta R S