Re: [Ntp] Last Call: <draft-ietf-ntp-using-nts-for-ntp-22.txt> (Network Time Security for the Network Time Protocol) to Proposed Standard

Miroslav Lichvar <mlichvar@redhat.com> Mon, 24 February 2020 16:27 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/4fHaLYNKX6-3WEGqlA5jzNbkRd4>

On Mon, Feb 24, 2020 at 08:14:58AM -0800, Watson Ladd wrote:
> On Mon, Feb 24, 2020, 6:52 AM Steven Sommars <stevesommarsntp@gmail.com>
> wrote:
> > How will NTS work in today's UDP-unfriendly Internet?
> >
> 
> NTS-KE can advertise an alternate port for NTP.

It would be good if all servers used the same alternative port to make
it easier to configure firewalls for NTS.

Considering the current state of the Internet, I think it would make
sense to specify one generally for NTP and not just for NTS. I have
prepared an initial draft that does that. If there is interest we can
work on that.
https://github.com/mlichvar/draft-ntp-alternative-port

-- 
Miroslav Lichvar