Re: [Ntp] New Version Notification for draft-gruessing-ntp-ntpv5-requirements-03.txt
Dieter Sibold <dsibold.ietf@gmail.com> Wed, 20 October 2021 17:46 UTC
From: Dieter Sibold <dsibold.ietf@gmail.com>
To: Miroslav Lichvar <mlichvar@redhat.com>
Cc: James <james.ietf@gmail.com>, NTP WG <ntp@ietf.org>, Doug Arnold <doug.arnold@meinberg-usa.com>
Date: Wed, 20 Oct 2021 19:46:28 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/2yvGfT0swIHYAmeZNtcbCPu0pe4>

On 18 Oct 2021, at 16:33, Miroslav Lichvar wrote:

> On Fri, Oct 15, 2021 at 11:27:20AM +0200, James wrote:
>>> On 15 Oct 2021, at 00:45, Doug Arnold <doug.arnold@meinberg-usa.com> wrote:
>>> Encryption and authentication MUST be provided by the protocol specification as a default and MUST be resistant to downgrade attacks...
>>
>> To put this another way, I think the specification must provide confidentiality as well as authentication, and that if either is applied they cannot be removed from a connection (aka a security downgrade) which makes authentication the minimum and doesn’t necessarily mandate confidentiality.
>
> I still don't understand this part. What do "as a default" and
> "authentication the minimum" exactly mean? What information needs to
> be encrypted? Everything? The first octet cannot be encrypted to allow
> detection of NTPv5 packets on the port 123.
>
> For NTPv5 to be successful in replacing NTPv4, I think it needs to
> support no authentication, symmetric keys and NTS.
>
>> This section in particular could probably use some editing and clarification to better explain this [1] as we’ll likely need consensus calls made.
>>
>>> 2. I think that it is better to allow leap smearing and make it a visible part of the protocol than to pretend it is not going to happen. On this topic I think that Miroslav’s proposal was more realistic. Data center network architects tell me they definitely plan to continue to do leap smearing.
>>
>> In other use cases such as publicly accessible NTP, leap smearing has effectively fragmented the pools of services a given host can use as mixing smeared and non-smeared services is not a good idea, in addition to the start/end and cadence of smearing being inconsistent between providers [2]. I think that having a “linear, monotonic timescale” and leap smearing together are contradictory and so having smearing in the wire format would require changing that. My proposal doesn’t prevent smearing of a clock being synchronised, it’s about removing the smear from the wire.
>
> They can be supported both as different timescales, server responding
> in the one that the client has requested.
>
> If you don't allow leap smearing in NTPv5 at all, I suspect people
> will either stick to NTPv4, missing the important improvements in
> NTPv5, or ignore the specification and use a leap-smeared version of
> NTPv5 anyway.
>
> Same for UTC vs TAI.

Many National Metrology Institutes (NMI) are using NTP to disseminate the legal time, which always is based on UTC. I suppose NMIs will appreciate if NTPv5 servers will have the option to disseminate UTC.

> It seems we need to agree on some very high level goals for NTPv5. Is
> it supposed to replace most NTPv4 use cases? Is it supposed to be
> implementable on current operating systems?
>
> --
> Miroslav Lichvar
>
> _______________________________________________
> ntp mailing list
> ntp@ietf.org
> https://www.ietf.org/mailman/listinfo/ntp