[Ntp] Antw: [EXT] Re: NTS4UPTP draft

Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> Mon, 07 June 2021 07:22 UTC

Return-Path: <Ulrich.Windl@rz.uni-regensburg.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02BCE3A3A64 for <ntp@ietfa.amsl.com>; Mon, 7 Jun 2021 00:22:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DBiWfRbSeCuD for <ntp@ietfa.amsl.com>; Mon, 7 Jun 2021 00:22:13 -0700 (PDT)
Received: from mx4.uni-regensburg.de (mx4.uni-regensburg.de [IPv6:2001:638:a05:137:165:0:4:4e7a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65A693A3A22 for <ntp@ietf.org>; Mon, 7 Jun 2021 00:22:13 -0700 (PDT)
Received: from mx4.uni-regensburg.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 95086600004E for <ntp@ietf.org>; Mon, 7 Jun 2021 09:22:08 +0200 (CEST)
Received: from gwsmtp.uni-regensburg.de (gwsmtp1.uni-regensburg.de [132.199.5.51]) by mx4.uni-regensburg.de (Postfix) with ESMTP id 7D0BD6000047 for <ntp@ietf.org>; Mon, 7 Jun 2021 09:22:06 +0200 (CEST)
Received: from uni-regensburg-smtp1-MTA by gwsmtp.uni-regensburg.de with Novell_GroupWise; Mon, 07 Jun 2021 09:22:06 +0200
Message-Id: <60BDC91E020000A1000418E6@gwsmtp.uni-regensburg.de>
X-Mailer: Novell GroupWise Internet Agent 18.3.1
Date: Mon, 07 Jun 2021 09:22:06 +0200
From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
To: <doug.arnold=40meinberg-usa.com@dmarc.ietf.org>, "Dieter Sibold" <dsibold.ietf@gmail.com>,<mlichvar@redhat.com>
Cc: <heiko.gerstung=40meinberg.de@dmarc.ietf.org>, "ntp@ietf.org" <ntp@ietf.org>
References: <C3693A60-E1A0-4570-91C3-876EB584B468@meinberg.de> <A2CB8908-86BE-4FB0-959C-7FF1DED9B421@gmail.com>, <YLiMp17LeGVOTp+r@localhost> <AM7PR02MB5765DAE47BF68F331CBE7BE8CF3B9@AM7PR02MB5765.eurprd02.prod.outlook.com>
In-Reply-To: <AM7PR02MB5765DAE47BF68F331CBE7BE8CF3B9@AM7PR02MB5765.eurprd02.prod.outlook.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/BDcK7KB58MLPf0GWdsjyNyZ3KFM>
Subject: [Ntp] Antw: [EXT] Re: NTS4UPTP draft
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 07:22:18 -0000

>>> Doug Arnold <doug.arnold=40meinberg-usa.com@dmarc.ietf.org> schrieb am
04.06.2021 um 18:45 in Nachricht
<AM7PR02MB5765DAE47BF68F331CBE7BE8CF3B9@AM7PR02MB5765.eurprd02.prod.outlook.com>

> I always recommend to network operators that  If you are transfer time
across 
> the Internet it should be NTP.  Nevertheless, Inevitably someone is going to

> run PTP this way.  However, I don’t know that it is something that we need
to 
> protect or encourage.
> 
> People do run PTP over large telecom networks.  Power grid operators 
> sometime run PTP between substations on large telecom like networks to back

> up GNSS.  Financial data centers sometime like to get time over fiber from a

> remote national lab.  These applications will likely eventual want to
improve 
> the robustness by a having a secure version of PTP.

Hi!

Another question is: if PTP is used mostly for corporate "private" networks,
wouldn't "PTP over VPN" do?
If companies have a "private (more or less) fiber", isn't that "security
enough"? 
I mean NTP being a "public" protocol, the "NTP over VPN" wouldn't work.
(Timing-issues left aside)

Regards,
Ulrich

> 
> Doug
> 
> From: ntp <ntp‑bounces@ietf.org> on behalf of Miroslav Lichvar 
> <mlichvar@redhat.com>
> Date: Thursday, June 3, 2021 at 4:03 AM
> To: Dieter Sibold <dsibold.ietf@gmail.com>
> Cc: Heiko Gerstung <heiko.gerstung=40meinberg.de@dmarc.ietf.org>rg>, NTP WG 
> <ntp@ietf.org>
> Subject: Re: [Ntp] NTS4UPTP draft
> On Wed, Jun 02, 2021 at 11:40:49PM +0200, Dieter Sibold wrote:
>> In the past PTP is applied mainly in local networks but today it is going
to
>> be applied across Internet connection also.
> 
> Just to clarify, do you mean that people are now using PTP to
> synchronize clocks over Internet, or that the servers are
> accessible from Internet and that's why they need to be secured?
> 
> The former wouldn't make sense to me as PTP relies on hardware support
> in routers/switches, which is generally missing on Internet.
> 
> ‑‑
> Miroslav Lichvar
> 
> _______________________________________________
> ntp mailing list
> ntp@ietf.org 
> https://www.ietf.org/mailman/listinfo/ntp