[ntpwg] Questions on draft-ietf-ntp-using-nts-for-ntp-01
Miroslav Lichvar <mlichvar@redhat.com> Fri, 28 August 2015 12:11 UTC
Date: Fri, 28 Aug 2015 13:58:05 +0200
From: Miroslav Lichvar <mlichvar@redhat.com>
To: ntpwg@lists.ntp.org
Message-ID: <20150828115805.GA30920@localhost>
List-Id: IETF Working Group for Network Time Protocol <ntpwg.lists.ntp.org>
I have some questions and comments on draft-ietf-ntp-using-nts-for-ntp-01.

I think Florian has commented on this issue in the previous version of the draft, but I'm not sure if/how it was resolved. How does the client verify the identity of the server after receiving the server_assoc message? For persistent associations it would probably be a check of the hostname from the certificate, but what about ephemeral associations? Would it be acceptable for the client to be configured with a public key that the server certificate has to be signed by?

There doesn't seem to be anything specific to symmetric associations. I guess the simplest approach is to treat them in NTS as two independent client/server associations, created separately, with each packet then having both time_request and time_response messages. However, special care must be taken when creating the association. To succeed even when an attacker is sending spoofed packets to the peers, I think there has to be a server_assoc/cook reply for each client_assoc/cook request, i.e. the initialization has to be independent from the normal peer polling process. Should the assoc/cook messages be sent in NTP client/server mode packets, or kept in symmetric mode? My preference would be the former.

Will there be any recommendations on the minimum interval between client requests when creating an NTS association? I think it should follow the NTP rules on polling interval. With the 2s (i)burst interval and a server_assoc message that didn't require more than one packet, the client could have the first secure timestamps after 4 seconds.

Should the client_assoc message (or other NTS messages) be required to include padding to prevent traffic amplification attacks?

What exactly is preventing NTS from being usable with NTP pools? Is that meant for the pool.ntp.org pool where the servers are not controlled by a single entity, or is there a requirement that one certificate cannot be used on multiple servers?
-- 
Miroslav Lichvar
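The amplification question raised in the message above, illustrated with added example code that is not from the draft or the author: it assumes a hypothetical client_assoc extension field and a hypothetical padding field (the field-type numbers and the draft's real wire format are not on the page), and shows a client padding its request so that a server answering with no more bytes than it received cannot serve as a traffic amplifier.

```python
import struct

NTP_HEADER_LEN = 48  # fixed NTPv4 header with no extension fields


def encode_ef(field_type: int, value: bytes) -> bytes:
    """Encode one NTP extension field (RFC 7822 layout: 16-bit type,
    16-bit total length, value zero-padded to a 32-bit boundary)."""
    padded = value + b"\x00" * (-len(value) % 4)
    return struct.pack("!HH", field_type, 4 + len(padded)) + padded


# Hypothetical field-type numbers; the draft's real values are not on the page.
EF_CLIENT_ASSOC = 0x0101
EF_PADDING = 0x0102


def build_request(client_assoc: bytes, max_response_len: int) -> bytes:
    """Build a client_assoc request and pad it to at least max_response_len,
    the largest server_assoc reply the client expects, so the request is never
    shorter than the reply it provokes."""
    pkt = b"\x23" + b"\x00" * (NTP_HEADER_LEN - 1)  # LI=0, VN=4, mode=3 (client)
    pkt += encode_ef(EF_CLIENT_ASSOC, client_assoc)
    shortfall = max_response_len - len(pkt)
    if shortfall > 0:
        # the padding field's own 4-byte header counts towards the shortfall
        pkt += encode_ef(EF_PADDING, b"\x00" * max(0, shortfall - 4))
    return pkt


def needs_padding(request: bytes, max_response_len: int) -> bool:
    """True when a reply of max_response_len bytes would exceed the request."""
    return len(request) < max_response_len


def amplification_factor(request: bytes, response: bytes) -> float:
    """Bytes sent by the server per byte received; a value above 1.0 means
    the exchange can be abused to amplify spoofed traffic."""
    return len(response) / len(request)


if __name__ == "__main__":
    # constructed sample: 32-byte client_assoc payload, 400-byte expected reply
    req = build_request(b"\x00" * 32, 400)
    print(len(req), needs_padding(req, 400), amplification_factor(req, b"\x00" * 400))
```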