Re: [Ntp] Call for adoption: draft-schiff-ntp-chronos

Tal Mizrahi <tal.mizrahi.phd@gmail.com> Tue, 03 September 2019 07:34 UTC

From: Tal Mizrahi <tal.mizrahi.phd@gmail.com>
Date: Tue, 3 Sep 2019 10:34:29 +0300
To: Harlan Stenn <stenn@nwtime.org>
Cc: ntp@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/ATB-8ymIkx83tBaCxCUff7GPY4c>
Subject: Re: [Ntp] Call for adoption: draft-schiff-ntp-chronos

Hi Harlan,

Thanks for the feedback.

>I am opposed to the adoption of this draft as anything other than an
>experimental proposal.

The difference between Informational and Experimental is a bit subtle,
e.g., "Experimental" is usually defined for a limited period of time.
However, Informational and Experimental are 'on the same level' in terms of
importance.

It is important to emphasize that the intended status of the current draft
is not "Standards Track", and it is not intended to "update" RFC 5905.
Chronos is defined as a client algorithm that does not affect NTP servers
or non-Chronos clients, so there are no interoperability issues with
existing implementations of NTP. That is why we see it as "Informational",
as it does not change the protocol, and an implementation may choose to
implement Chronos or not to implement it, without affecting other
implementations.

Anyway, I believe this is not a big issue, and can probably be resolved
with the WG chairs.

Thanks,
Tal.



On Mon, Sep 2, 2019 at 3:55 PM Harlan Stenn <stenn@nwtime.org> wrote:

> I am opposed to the adoption of this draft as anything other than an
> experimental proposal.
>
> On 9/2/2019 5:49 AM, Neta R S wrote:
> > Hi,
> >
> > Chronos has provable security guarantees compared to the current
> > NTPv4, even when facing MitM attacker.
>
> What *exactly* are these provable security guarantees?
>
> I suspect people are drawing incorrect inferences from "provable
> security guarantees".
>
> H
> --
> > Thus, we suggested Chronos as NTPv4 watchdog and named the draft
> > accordingly.
> > We'll consider your comment regarding the draft's name, but in the worst
> > case (where the MitM controls the client's gateway) I am not sure there
> > is a solution.
> >
> > Regarding Daniel's and Kristof's comments, we agree that experimental
> > might be a more appropriate intended status.
> >
> > Best,
> > Neta
> >
> > On Mon, Sep 2, 2019 at 2:59 PM Miroslav Lichvar <mlichvar@redhat.com
> > <mailto:mlichvar@redhat.com>> wrote:
> >
> >     On Wed, Aug 28, 2019 at 05:37:10AM +0000, Karen O'Donoghue wrote:
> >     > A Secure Selection and Filtering Mechanism for the Network Time
> >     Protocol Version 4
> >     > https://datatracker.ietf.org/doc/draft-schiff-ntp-chronos/
> >     >
> >     > Please reply with your opinion on whether or not the working group
> >     should adopt this document including your willingness to review and
> >     contribute.
> >
> >     I support adoption of this draft. I would like the group to consider
> >     using a slightly different title and more careful use of the word
> >     "secure" in the document. The algorithms improve resiliency against
> >     some MITM attacks, but in the worst case security doesn't change.
> >
> >     --
> >     Miroslav Lichvar
> >
> >     _______________________________________________
> >     ntp mailing list
> >     ntp@ietf.org <mailto:ntp@ietf.org>
> >     https://www.ietf.org/mailman/listinfo/ntp
> >
>
> --
> Harlan Stenn, Network Time Foundation
> http://nwtime.org - be a Member!