Re: [Ntp] I-D Action: draft-ietf-ntp-update-registries-09.txt
James Browning <jamesb.fe80@gmail.com> Sat, 02 December 2023 21:29 UTC
Return-Path: <jamesb.fe80@gmail.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB266C14F5FF for <ntp@ietfa.amsl.com>; Sat, 2 Dec 2023 13:29:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.858
X-Spam-Level:
X-Spam-Status: No, score=-6.858 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nnmUQYgFODXc for <ntp@ietfa.amsl.com>; Sat, 2 Dec 2023 13:29:08 -0800 (PST)
Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E253C14F5FE for <ntp@ietf.org>; Sat, 2 Dec 2023 13:29:08 -0800 (PST)
Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-9e1021dbd28so463382766b.3 for <ntp@ietf.org>; Sat, 02 Dec 2023 13:29:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701552546; x=1702157346; darn=ietf.org; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=Q6babXXSej1rV+q0lKBDs7JBSAbmrap1jcZGxOAa2y4=; b=Kgt6HGLaYsAV3YAHpxhhVJDZjYM99uvuqhj9dy7cUohN4qwfURnmUIlxbailZ40vKW MCVgF91bnhlXMBtMvNc5BA781HJw5+YIZVfKIl96Xwde9kwI8W4MKP4GqXEPrlhGjd0E +XDcbCMIb6rm8Vsu9wqRijsKNFTTgcePyC6/aD2kZTJnBnRR3xrF/RGebLwPqBG8U2ne WGoPRFIPoxWjOQBzukkbVh1L0k8h/t/R0xTBZ9PXHa25FbWaI99mt55e0/Z4Emb09+98 fKN8bjyNdO4qZJPRgKZkVNTBuRnLFQPJbSGSb14AzKdl6NswkF2ufRFFlFnmP3wWS9rf TWFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701552546; x=1702157346; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Q6babXXSej1rV+q0lKBDs7JBSAbmrap1jcZGxOAa2y4=; b=ucII1wHc8vKuYO49c75HYYKae2DTOJyXe8YpkfAurjflndY3F7ByBe35WPoEYEhqXW Y6eTwI0D8miPHJorYXGndv/rzKLuhNxPEENhIIZBC1sZMjZhcksYkLk/v376phbC+qSQ aDZw4jkrsLO7QuvGPQWy3nJkKxB6TiiPNXtOxkxDVDojOyyUpA0OeQO1ld2gySSAZZYX M2jcSHbgZ6r1Zs1xmKciuLdMDlf9iL12H5ubXFNY0wpaXmhwk7zr8NJgIZTGsqAFcENI vrmpQMBDz1uqrOjZFQiMwQtPzwTTGuvzl+ERJBFjO4ppooSnsnSloGuJ56V8S5FjnucM qSyQ==
X-Gm-Message-State: AOJu0YyS8sl5Fh2uTMNkybel23Od8wBRoXIUEoUACx4KR7C+z5eBGTrN 1dpJzVHxs+i/8SpD6y6nCdz03ePFFFq40crmketzzRf4ZQ==
X-Google-Smtp-Source: AGHT+IHDSNVLkFcH2jf1sNtJ9DLFmcPXp+1sJgSeO9qD7nafsOksKG/Nco8oXIUaGeI2f5117Cxyy+ZTrZNWMa4Yx54=
X-Received: by 2002:a17:906:10ca:b0:a19:a19b:c711 with SMTP id v10-20020a17090610ca00b00a19a19bc711mr2358810ejv.97.1701552546391; Sat, 02 Dec 2023 13:29:06 -0800 (PST)
MIME-Version: 1.0
References: <20231127025215.B19BF28C1C3@107-137-68-211.lightspeed.sntcca.sbcglobal.net> <7d536bef-0ace-47e3-9dc5-36e7f5e95571@pdmconsulting.net>
In-Reply-To: <7d536bef-0ace-47e3-9dc5-36e7f5e95571@pdmconsulting.net>
From: James Browning <jamesb.fe80@gmail.com>
Date: Sat, 02 Dec 2023 13:28:56 -0800
Message-ID: <CAFTY+dAjfi6HN-mrts5BGhbytL5QFH1jUCpzwXwgmPsx7ebyxw@mail.gmail.com>
To: "ntp@ietf.org" <ntp@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/9cSY4xt1MUG-MGmZJLBf2oMu90c>
Subject: Re: [Ntp] I-D Action: draft-ietf-ntp-update-registries-09.txt
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Dec 2023 21:29:08 -0000
On Sat, Dec 2, 2023 at 12:40 PM Danny Mayer <mayer@pdmconsulting.net> wrote: > > > On 11/26/23 9:52 PM, Hal Murray wrote: > > Could you please save/reserve extensiion Field Type 0x0000? > Yes. This is actually a crypto-NAK as defined in RFC 5905 Section 9.2 > though it's not called an extension field there. > > > > I don't have a good writeup. The idea is tangled up with 7822. The problem > > is how to distinguish an extension from a MAC. > That was the problem I was grappling with in that RFC. As the author of > that section you can blame me it it's a bit mangled! > > > > Shared key MACs have a 4 byte key number and 16 or 20 bytes of MAC. The key > > number space was shared by autokey and manual assignments. The manual mode > > was restricted to the lower 65K. So sites that are not using autokey don't > > need the at least 28 byte length restriction from RFC 7822 for the last > > extension. If the type field is 0, the rest is a MAC rather than an extension. > > I did come up with an idea about handling a variable length MAC since > the RFC was published though there may be some corner cases that would > not be handled correctly. The problem is not having a length field to > state how long it is supposed to be. The existing MAC should be replaced > by an extension field MAC in a NTP v5 implementation so we have a length > field we can depend on. I suppose it's too much trouble to implement extension 0 as a special case that ignores length and takes the entire remainder of the packet as a MAC. IIRC, the only extension that should have an issue with it is 0x2005 Checksum Complement, whose use case is incompatible with MACs. But only for NTPv4, I agree MACs should be in an extension. IIRC, Stenn had a draft or two posted with that general intent.
- [Ntp] I-D Action: draft-ietf-ntp-update-registrie… internet-drafts
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Miroslav Lichvar
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Hal Murray
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Miroslav Lichvar
- Re: [Ntp] [EXT] Re: I-D Action: draft-ietf-ntp-up… Windl, Ulrich
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Danny Mayer
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… James Browning
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Salz, Rich
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Hal Murray
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Salz, Rich
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Salz, Rich
- Re: [Ntp] [EXT] I-D Action: draft-ietf-ntp-update… Windl, Ulrich
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Salz, Rich
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Windl, Ulrich
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Hal Murray
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Salz, Rich
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Danny Mayer
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Hal Murray
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Miroslav Lichvar
- Re: [Ntp] I-D Action: draft-ietf-ntp-update-regis… Miroslav Lichvar