Re: [Ntp] Splitting the Roughtime draft?

Watson Ladd <watsonbladd@gmail.com> Sun, 31 January 2021 21:07 UTC

References: <20210131090607.ED116406061@ip-64-139-1-69.sjc.megapath.net>
In-Reply-To: <20210131090607.ED116406061@ip-64-139-1-69.sjc.megapath.net>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Sun, 31 Jan 2021 13:07:08 -0800
Message-ID: <CACsn0cnsf1_EB+omX9t4rpc5VbY7Akybs=XiPHnpkv3AeHGgsg@mail.gmail.com>
To: Hal Murray <hmurray@megapathdsl.net>
Cc: NTP WG <ntp@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/2Vtwg7WUNP0eeqNAeWU6wf81D_0>
Subject: Re: [Ntp] Splitting the Roughtime draft?

On Sun, Jan 31, 2021 at 1:06 AM Hal Murray <hmurray@megapathdsl.net> wrote:
>
>
> marcus@dansarie.se said:
> > I think we need to be very clear about the fact that all trust in Roughtime
> > is rooted in the long-term keys and that they are expected to be valid for a
> > very long time indeed.
>
> How long is "very long"?

CT logs are active for one year of certificate expiry, but that's due
to log growth causing issues. Roughtime keys could be used for
multiple years, although shorter lifetimes would force updates on
clients. I'm open to suggestions.

>
> I've been trying to figure out how to use Roughtime to get NTS off the ground
> when the time isn't known/trusted yet.  If it needs long term keys, is there
> any advantage to long-term Roughtime keys as compared to trusted certificates
> with a long lifetime?

You shouldn't bake in ecosystem.json and expect this to work securely.
The benefit of roughtime is that malfeasance is detected, hence
updates can remove bad servers without much trouble, and it readily
provides enough accuracy for X509 validation. Set and forget with a
limited number of servers doesn't enable those ecosystem benefits.

What we observe in the browser world is that even 24 hour windows of
validity are problematic for clients due to inaccuracy, but a few
seconds of accuracy is just fine for X509 validation.

Sincerely,
Watson Ladd

>
> --
> These are my opinions.  I hate spam.


--
Astra mortemque praestare gradatim
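As an added illustration of the two points made in the reply above (a client querying several Roughtime servers can spot one whose answer is inconsistent with the rest, and an interval a few seconds wide is enough to decide X.509 validity while a day-scale uncertainty is not), here is a small Python model. It is not code from the draft or from any Roughtime implementation: real responses are Ed25519-signed and chained through nonces so the inconsistency is provable to third parties, which this model omits; the server names, timestamps and validity window are constructed.

```python
"""Model of Roughtime-style interval checking (constructed example).

A Roughtime answer asserts that the true time lies in
[midpoint - radius, midpoint + radius]. Honest servers with sane clocks
therefore give mutually overlapping intervals; one that does not overlap
the majority is the misbehaving one. The surviving intersection is then
compared with a certificate's notBefore/notAfter window.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class TimeInterval:
    server: str          # hypothetical server name, constructed for the example
    midpoint: datetime   # server's claimed time
    radius: timedelta    # server's stated uncertainty

    @property
    def lo(self) -> datetime:
        return self.midpoint - self.radius

    @property
    def hi(self) -> datetime:
        return self.midpoint + self.radius


def overlaps(a: TimeInterval, b: TimeInterval) -> bool:
    """Two honest servers must give intervals that share at least one instant."""
    return a.lo <= b.hi and b.lo <= a.hi


def find_inconsistent(answers: List[TimeInterval]) -> List[str]:
    """Flag each server whose interval is disjoint from a majority of the others.

    In the real protocol the client would retain the signed responses as
    evidence; here we only return the names.
    """
    flagged = []
    for a in answers:
        others = [b for b in answers if b is not a]
        disagreements = sum(1 for b in others if not overlaps(a, b))
        if others and disagreements * 2 > len(others):
            flagged.append(a.server)
    return flagged


def consensus_interval(answers: List[TimeInterval]) -> Optional[Tuple[datetime, datetime]]:
    """Intersection of the intervals from servers that were not flagged."""
    bad = set(find_inconsistent(answers))
    good = [a for a in answers if a.server not in bad]
    if not good:
        return None
    lo = max(a.lo for a in good)
    hi = min(a.hi for a in good)
    return (lo, hi) if lo <= hi else None


def cert_time_valid(interval: Tuple[datetime, datetime],
                    not_before: datetime, not_after: datetime) -> Optional[bool]:
    """True if the whole interval lies inside the validity window, False if it
    lies wholly outside, None if the uncertainty straddles a boundary."""
    lo, hi = interval
    if not_before <= lo and hi <= not_after:
        return True
    if hi < not_before or lo > not_after:
        return False
    return None


# Constructed reference instant (the date of this message) and sample answers.
T0 = datetime(2021, 1, 31, 21, 7, 8, tzinfo=timezone.utc)
ANSWERS = [
    TimeInterval("server-a.example", T0, timedelta(seconds=1)),
    TimeInterval("server-b.example", T0 + timedelta(seconds=2), timedelta(seconds=3)),
    # Misbehaving server: claims a time twenty hours in the future with a tight radius.
    TimeInterval("server-c.example", T0 + timedelta(hours=20), timedelta(seconds=1)),
]
# Constructed certificate with a 24-hour validity window around T0.
NOT_BEFORE = T0 - timedelta(hours=1)
NOT_AFTER = T0 + timedelta(hours=23)


def demo() -> Dict[str, object]:
    consensus = consensus_interval(ANSWERS)
    # A client relying on its own clock with +/-12 h uncertainty cannot decide.
    coarse = (T0 - timedelta(hours=12), T0 + timedelta(hours=12))
    return {
        "flagged": find_inconsistent(ANSWERS),
        "consensus": consensus,
        "seconds_accuracy_verdict": cert_time_valid(consensus, NOT_BEFORE, NOT_AFTER),
        "half_day_accuracy_verdict": cert_time_valid(coarse, NOT_BEFORE, NOT_AFTER),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Run as a script it flags server-c, narrows the consensus to a two-second interval, accepts the 24-hour certificate on that basis, and returns an undecided verdict for the client whose only time source is a clock it trusts to within half a day.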