Re: [Ntp] WGLC: draft-ietf-ntp-using-nts-for-ntp
Martin Langer <mart.langer@ostfalia.de> Tue, 04 December 2018 09:52 UTC
Hello together,

the current NTS draft is fine for me and I have just a few comments.

page 7:
"Implementations MUST NOT negotiate TLS versions earlier than 1.2, SHOULD negotiate TLS 1.3 [RFC8446] or later when possible, and MAY refuse to negotiate any TLS version which has been superseded by a later supported version."
-> I guess the minimum TLS version MUST be 1.3. The effort for developers should be very small. In OpenSSL, I only need one extra line of code to force TLS1.3 and disable TLS1.2. Many implementations support the final TLS1.3 (RFC) or the latest TLS draft (see: https://github.com/tlswg/tls13-spec/wiki/Implementations). The remaining platforms will probably follow soon. Therefore, I see no further need to support older TLS versions than 1.3.

page 8:
"The semantics of record types 0-6 are specified in this memo."
-> must be '0-7'

page 15:
"Nonce length: Two octets in network byte order, ..."
-> must be 'Nonce Length:'

page 16:
"Additional Padding: Clients which use a nonce length shorter than the maximum allowed by the negotiated AEAD algorithm may be required to include additional zero-padding. The necessary length of this field is specified below."
-> This confused me the first time. I thought it was a mistake and meant 'minimum'. 'maximum' is right, but should we leave this information here?
Alternative form: "Additional Padding: The nonce length used by the client may be required to include additional zero-padding depending on the negotiated AEAD algorithm."

page 17:
"The purpose of the Additional Padding field is to ensure that servers can always choose a nonce whose length is adequate to ensure its uniqueness, even if the client chooses a shorter one, and still ensure that the overall length of the server’s response packet. does not exceed the length of the request."
-> in the penultimate line is a dot

page 19:
-> The timelines are different in length. (the client line needs one more '-')

page 27:
"The Network Time Security Warning Codes Registry SHALL initally be empty except for the reserved range, i.e.:"
-> typo: 'initially'

best regards,
Martin

On 06.11.2018 at 21:46, Karen O'Donoghue wrote:
> Folks,
>
> This message initiates a three plus week working group last call for:
>
> Network Time Security for the Network Time Protocol
> https://datatracker.ietf.org/doc/draft-ietf-ntp-using-nts-for-ntp/
>
> Please review the referenced document and send any comments to the mailing list including your assessment of whether this document is mature enough to proceed to the IESG. Please note that these messages of support for progression to the mailing list will be used to determine WG consensus to proceed.
>
> Please send all comments in by COB on Friday 30 November. We realize this is a bit longer than normal but we are coming out of an IETF week and heading into the Thanksgiving holiday in the US.
>
> Thanks!
> Karen and Dieter
> _______________________________________________
> ntp mailing list
> ntp@ietf.org
> https://www.ietf.org/mailman/listinfo/ntp

--
Martin Langer, M.Eng.
Ostfalia Hochschule für angewandte Wissenschaften
- Hochschule Braunschweig/Wolfenbüttel
University of Applied Sciences
Labor Datentechnik, Labor Design Digitaler Systeme
Fakultät Elektrotechnik
Salzdahlumer Straße 46/48
38302 Wolfenbüttel
Germany
Tel. : +49 5331 939 43370
Web : https://www.ostfalia.de/cms/de/pws/bermbach/mitarbeiter/martin-langer
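
An added illustration of the page 7 comment above (not part of the original message, the draft, or any NTS implementation): it uses Python's OpenSSL-backed `ssl` module to build a ClientHello in memory under a TLS 1.2 floor and under a TLS 1.3 floor, then parses the `supported_versions` extension to show which versions the client is still willing to negotiate. The host name `nts.example.net` and the helper names are assumptions made for the example.

```python
import ssl
import struct

def client_hello(min_version):
    """Return the raw ClientHello record a client with this version floor emits."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = min_version  # the single line that sets the floor
    ctx.maximum_version = ssl.TLSVersion.MAXIMUM_SUPPORTED
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    # "nts.example.net" is a constructed placeholder; nothing is sent anywhere.
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname="nts.example.net")
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: ClientHello is queued, no ServerHello will arrive
    return outgoing.read()

def offered_versions(hello):
    """Parse the supported_versions extension (type 43) out of a ClientHello."""
    pos = 5 + 4 + 2 + 32  # record header, handshake header, legacy_version, random
    pos += 1 + hello[pos]  # legacy_session_id
    pos += 2 + struct.unpack_from("!H", hello, pos)[0]  # cipher_suites
    pos += 1 + hello[pos]  # legacy_compression_methods
    end = pos + 2 + struct.unpack_from("!H", hello, pos)[0]
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", hello, pos)
        pos += 4
        if ext_type == 43:
            count = hello[pos]  # length of the version list in bytes
            return [struct.unpack_from("!H", hello, pos + 1 + i)[0]
                    for i in range(0, count, 2)]
        pos += ext_len
    return []

NAMES = {0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}

def describe(min_version):
    """Human-readable list of the versions offered under the given floor."""
    return [NAMES.get(v, hex(v)) for v in offered_versions(client_hello(min_version))]

if __name__ == "__main__":
    print("floor TLS 1.2:", describe(ssl.TLSVersion.TLSv1_2))
    print("floor TLS 1.3:", describe(ssl.TLSVersion.TLSv1_3))
```

With the floor at TLS 1.3 the client no longer advertises TLS 1.2 at all, so a downgrade to 1.2 cannot be negotiated regardless of what the server supports.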