Re: [Ntp] The NTP WG has placed draft-schiff-ntp-chronos in state "Call For Adoption By WG Issued"

Hal Murray <hmurray@megapathdsl.net> Tue, 10 September 2019 10:10 UTC

To: Neta R S <neta.r.schiff@gmail.com>
cc: Hal Murray <hmurray@megapathdsl.net>, ntp@ietf.org
From: Hal Murray <hmurray@megapathdsl.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Tue, 10 Sep 2019 03:10:17 -0700
Message-Id: <20190910101017.6F76B406063@ip-64-139-1-69.sjc.megapath.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/AxzvDU48qlwgj0lODNR2SjBtbfY>
Subject: Re: [Ntp] The NTP WG has placed draft-schiff-ntp-chronos in state "Call For Adoption By WG Issued"

neta.r.schiff@gmail.com said:
> *Threat model:* Chronos considers a powerful form of man-in-the-middle (MitM)
> Byzantine attacker, capable of determining precisely the values of the time
> samples gathered by the Chronos client from a subset of the NTP servers in
> its server pool (up to one-third of the pool).

I consider that "up to one-third" to be a serious problem.  It doesn't cover 
the case where the bad guy has taken over your ISP (or is your ISP) and thus 
controls all the traffic to the servers you try to use.  I think that's going 
to be a common case.

[Disclaimer: I work on NTS so I'm probably biased.]

Why should we work on this rather than getting NTS deployed?


There is an additional complication.  You are inventing a new method of 
processing the data from packets that get past your filters.


-- 
These are my opinions.  I hate spam.
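The simulation below is a constructed example added to this archive page; it is not code from the Chronos draft or from anyone in the thread, and the one-third-tolerant trimmed median it uses stands in for whatever selection rule a Chronos client would apply (an assumption, not the draft's algorithm). It illustrates the gap Hal points at: a rule that tolerates f < n/3 corrupted samples bounds the error when an attacker controls a minority of server paths, but when one on-path party (the ISP case) rewrites every sample identically, both the estimate and any spread check across samples look exactly as healthy as the honest case.

```python
import statistics

# Constructed "true" time in seconds; all figures here are made up for the demo.
TRUE_TIME = 1_000_000.0

# Constructed honest replies from 9 servers: true time plus a few ms of jitter.
HONEST_SAMPLES = [TRUE_TIME + j for j in
                  (0.002, -0.001, 0.004, 0.000, -0.003, 0.001, 0.005, -0.002, 0.003)]


def robust_time(samples, max_faulty):
    """Generic Byzantine-tolerant aggregation (assumption: stands in for a
    Chronos-style selection rule, it is not the draft's algorithm).

    Drops the max_faulty lowest and highest samples, then returns the median of
    the rest together with the spread of the surviving cluster.  With n > 3f the
    median of the trimmed set is guaranteed to lie within the honest range when
    at most f samples are arbitrary.
    """
    if not 3 * max_faulty < len(samples):
        raise ValueError("tolerance bound requires n > 3f samples")
    ordered = sorted(samples)
    trimmed = ordered[max_faulty:len(ordered) - max_faulty]
    return statistics.median(trimmed), trimmed[-1] - trimmed[0]


def corrupt(samples, indices, shift):
    """Return a copy of samples where the servers at `indices` report true+shift."""
    out = list(samples)
    for i in indices:
        out[i] = samples[i] + shift
    return out


def partial_compromise(shift=3600.0):
    """Attacker controls the paths to 2 of 9 servers (under the one-third bound).
    Returns (absolute error of the estimate, spread of the surviving cluster)."""
    est, spread = robust_time(corrupt(HONEST_SAMPLES, [0, 1], shift), max_faulty=2)
    return abs(est - TRUE_TIME), spread


def full_path_compromise(shift=3600.0):
    """On-path attacker (e.g. the client's own ISP): every sample is shifted by
    the same amount.  The trimming removes nothing useful, the median follows
    the shift, and the cluster spread is indistinguishable from the honest case."""
    est, spread = robust_time(corrupt(HONEST_SAMPLES, range(9), shift), max_faulty=2)
    return abs(est - TRUE_TIME), spread


if __name__ == "__main__":
    for label, fn in (("2 of 9 servers controlled", partial_compromise),
                      ("all paths controlled", full_path_compromise)):
        err, spread = fn()
        print(f"{label}: error {err:.3f} s, cluster spread {spread:.3f} s")
```

Run stand-alone, the first case stays within the honest jitter (a few ms) while the second is off by the full hour, yet the spread reported for both is a few ms: a consistency check across samples cannot tell them apart, which is why an authenticated path to each server (the NTS argument in the message) addresses a case the one-third bound does not.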