IETF Logo Mail Archive

Re: [Ntp] Antw: [EXT] Re: Quick review of WGLC for status change for draft‑ietf‑ntp‑update‑registries

Miroslav Lichvar <mlichvar@redhat.com> Thu, 11 August 2022 10:41 UTC

Return-Path: <mlichvar@redhat.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62BBCC15C505 for <ntp@ietfa.amsl.com>; Thu, 11 Aug 2022 03:41:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.686
X-Spam-Level:
X-Spam-Status: No, score=-2.686 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.582, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DVqItCP50nj7 for <ntp@ietfa.amsl.com>; Thu, 11 Aug 2022 03:41:07 -0700 (PDT)
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 80276C157B5E for <ntp@ietf.org>; Thu, 11 Aug 2022 03:41:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1660214466; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=FtMyWWAzo5yTAEGRuZDYm681a/SCEWT6fGOL8naKoiQ=; b=MMdT8NIkFEd4Io7s0vbzOE76dbHA7yRtbY5c6AKUEwb/8iHtiIPl7UCWouOVHVK3kC/2FY /9Mu4oKWZEPJg14oADb20U35VTNubqVwgUDEizjJvMWOgbafT9jbpT2T1XLSGEd0s+xKQm Av/jjbCgxYmFQrK7I0gl27l5XuRleFg=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-342-7Gw-qM02PxO33jSS-45wAg-1; Thu, 11 Aug 2022 06:41:03 -0400
X-MC-Unique: 7Gw-qM02PxO33jSS-45wAg-1
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 17111811E84; Thu, 11 Aug 2022 10:41:03 +0000 (UTC)
Received: from localhost (unknown [10.43.135.229]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5FBE22166B26; Thu, 11 Aug 2022 10:41:02 +0000 (UTC)
Date: Thu, 11 Aug 2022 12:41:01 +0200
From: Miroslav Lichvar <mlichvar@redhat.com>
To: Harlan Stenn <stenn@nwtime.org>
Cc: Hal Murray <halmurray@sonic.net>, "ntp@ietf.org" <ntp@ietf.org>
Message-ID: <YvTcvTbhE7sg0eMo@localhost>
References: <20220809030711.F00DC28C1CA@107-137-68-211.lightspeed.sntcca.sbcglobal.net> <8122203e-ac66-e4d7-5a52-5d053d8fa06a@nwtime.org> <YvIXDS2EkxzI0nTh@localhost> <9d304a6f-5570-0dad-d64d-b8ade71871e3@nwtime.org> <YvIthoUI7HtKpD9E@localhost> <126f817a-5132-ca64-8f12-45e9d33cdae0@nwtime.org>
MIME-Version: 1.0
In-Reply-To: <126f817a-5132-ca64-8f12-45e9d33cdae0@nwtime.org>
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/2-CIdJGVHXfa1B-_qElOiFngFJU>
Subject: Re: [Ntp] Antw: [EXT] Re: Quick review of WGLC for status change for draft‑ietf‑ntp‑update‑registries
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Aug 2022 10:41:11 -0000

On Thu, Aug 11, 2022 at 03:02:16AM -0700, Harlan Stenn wrote:
> On 8/9/2022 2:48 AM, Miroslav Lichvar wrote:
> > On Tue, Aug 09, 2022 at 02:22:32AM -0700, Harlan Stenn wrote:
> > > On 8/9/2022 1:13 AM, Miroslav Lichvar wrote:
> > > > On Mon, Aug 08, 2022 at 10:33:12PM -0700, Harlan Stenn wrote:
> > > > > > NIST servers respond to NTPV4 requests with NTPv3.
> > > > > 
> > > > > which works perfectly with V4 clients, and it works because of the way the
> > > > > protocol was designed and has worked for ntp V1-V4.
> > > > 
> > > > It works only with clients that support NTPv3. Not all clients do
> > > > that. And v1 is not compatible with v2-v4. There is no mode field yet.
> > > 
> > > I don't understand "clients that support NTPv3".  I know that ntpd (which
> > > has been v4 for nearly 25 years' time) talks with NIST just fine.
> > 
> > Because ntpd kept the NTPv3 support when it added NTPv4. The NTPv3
> > support is broken in some ways, e.g. it accepts Autokey extension
> > fields which is not possible in NTPv3.
> 
> How would an NTPv3 system negotiate Autokey?

An NTPv3 client cannot use Autokey, but when ntpd is configured with
"version 3", it sends and accepts invalid NTPv3 messages with Autokey
extension fields. That's a bug.

> > Some client implementations support NTPv4 only and don't accept an
> > NTPv3 response.
> 
> That's fine.  Is there an issue with this?

It doesn't work with servers that respond with NTPv3, i.e. the "which
works perfectly with V4 clients" quoted at the beginning of this email
is not true.

> Dave Mills and I have each wondered what your NTPv5 proposals will do that
> cannot be implemented by using the v4 packet format and extension fields.

Nothing. You could do everything with new NTPv4 extension fields.
There was even a proposal in that direction to get around RFC7822:

https://datatracker.ietf.org/doc/html/draft-mlichvar-ntp-short-extension-fields-01

But there seems to be a consensus we should make a clean break and
address the issues properly instead of doing ugly hacks.

> Folks here have also said that they expect "separate engines" for v4 and v5
> packets in their NTP code.  If that's the case, who cares if the EFs are the
> same or if they're different?

It will simplify the implementations that want to support both. The
code that looks for extension fields in an NTP message can be separate
from the code that generates or parses the actual extension fields.

-- 
Miroslav Lichvar

v2.23.0 | Report a Bug | By Email