Re: [Ntp] Splitting the Roughtime draft?

Watson Ladd <watsonbladd@gmail.com> Tue, 02 February 2021 16:56 UTC

To: Hal Murray <hmurray@megapathdsl.net>
Cc: NTP WG <ntp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/9cJkS16h2s7uTdUoeQ6LqORegvM>

On Sun, Jan 31, 2021 at 3:30 PM Hal Murray <hmurray@megapathdsl.net> wrote:
>
>
> watsonbladd@gmail.com said:
> >> Without a valid key, you can't verify that message so bad guys can forge one.
> >> That seems like a nasty complication.  Do you want to go down that path?
> > I miswrote: It would of course be signed by the key involved.
>
> It's still an additional complication to analyze.
>
> You have to handle the case of bad-guy has a stolen key so now he can forge
> responses with bogus time.  How does being able to respond with key-invalid
> help things and is that worth the complexity of discussing key-invalid?

Bogus time leads to inconsistencies which leads to distrust.

You don't respond with it but publish it to indicate that you want to
revoke the key, akin to a PGP revocation request.

The reason it exists in the same format is to avoid cross-protocol attacks.

>
>
>
> --
> These are my opinions.  I hate spam.
>
>
>

--
Astra mortemque praestare gradatim