[Ntp] Re: [IANA #1443105] Request for Assignment (nts)

Daniel Franke <dfoxfranke@gmail.com> Mon, 16 March 2026 15:06 UTC

To: david@venhoek.nl, iana-prot-param-comment@iana.org, Miroslav Lichvar <mlichvar@redhat.com>
CC: NTP WG <ntp@ietf.org>
List-Id: Network Time Protocol <ntp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/BvSbpvk5LPCuPRsd3A82kO-5TG8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp>

Hi, checking in on the status of this request and how people would like to
proceed. I see that the working group has now reached consensus to adopt
the draft and that it will proceed with no major technical changes,
documenting the experiment as it exists rather than altering it. With my
Designated Expert hat on, it remains my position that although I disagree
with some design choices, none of my disagreements are any cause for
rejecting the assignment request under the Specification Required policy
and I'm happy to let it proceed. I defer to WG consensus as to whether and
when the assignments should be made.

On Thu, Feb 26, 2026 at 12:58 PM Daniel Franke <dfoxfranke@gmail.com> wrote:

> Yes — I wrote yesterday to NTPWG elaborating on my thoughts:
> https://mailarchive.ietf.org/arch/msg/ntp/-3LOoruv4F3zDtL0EO5BbyMlZoA/
>
> Today David wrote
> https://mailarchive.ietf.org/arch/msg/ntp/DZfoszWPH4A0Whoe7lql8WE_JMo/ in
> reply, and it sounds like he's withdrawing the draft as a CfA at least for
> now. If the authors intend to pursue this design independently of the IETF,
> then my objection that these allocations are premature no longer applies. I
> would still strongly urge David to consider my recommendation to run the
> pool<->time source portion of the exchange as a non-NTS-KE protocol
> multiplexed on the same port via ALPN, and also to use TLS's existing PSK
> facilities in place of the authentication token of section 6.7. However,
> whether he takes my advice or not, I see no further basis for refusing this
> request for assignment.
>
> On Thu, Feb 26, 2026 at 12:43 PM David Dong via RT <iana-prot-param-comment@iana.org> wrote:
>
>> Hi Daniel,
>>
>> Following up on this; have you had a chance to further review this
>> request?
>>
>> Thank you.
>>
>> Best regards,
>>
>> David Dong
>> IANA Services Sr. Specialist
>>
>> On Sun Feb 15 16:37:11 2026, dfoxfranke@gmail.com wrote:
>> > Apologies that I'm traveling this week and won't be back at a proper
>> > keyboard until after the response deadline so these comments will be
>> > brief for now. On further review, I continue to agree with Miroslav
>> > that this request is premature and that early allocation should wait
>> > until after WG adoption and further discussion. Furthermore, though, I
>> > think this protocol strains the semantics of NTS-KE more than I'm
>> > comfortable with and is going to create a high risk of vulnerabilities
>> > through implementation errors in the treatment of requests that mix
>> > pool-related records with ordinary records. My recommendation would be
>> > to turn this into an entirely separate protocol which multiplexes on
>> > the NTS-KE port by way of ALPN.
>> >
>> > On Thu, Feb 5, 2026, 09:17 Daniel Franke <dfoxfranke@gmail.com> wrote:
>> >
>> > > ACK on the review request, but I'll need a bit of time on this one. My
>> > > quick first impression is that I agree with Miroslav that the
>> > > allocation is a bit premature, but I might change my mind on further
>> > > review.
>> > >
>> > > On Tue, Feb 3, 2026, 02:31 David Dong via RT <iana-prot-param-comment@iana.org> wrote:
>> > >
>> > >> Dear Miroslav Lichvar, Daniel Franke
>> > >> As the designated experts for the Network Time Security Key
>> > >> Establishment Record Types registry, can you review the registration
>> > >> proposal below? If it's OK, we'll make the assignment at:
>> > >>
>> > >> https://www.iana.org/assignments/nts/
>> > >>
>> > >> Specification: https://trifectatech.org/specifications/nts-kelb-pool.html
>> > >>
>> > >> Unless you ask us to wait for the other reviewer, we’ll act two days
>> > >> after the first response we receive.
>> > >>
>> > >> The IESG has asked us to request that reviews be returned within two
>> > >> weeks, which in this case would make the due date February 17th.
>> > >>
>> > >> With thanks,
>> > >>
>> > >> David Dong
>> > >> IANA Services Sr. Specialist
>> > >>
>> > >> On Mon Feb 02 08:04:39 2026, david@venhoek.nl wrote:
>> > >> >
>> > >> > Contact Name:
>> > >> > David Venhoek
>> > >> >
>> > >> > Contact Email:
>> > >> > david@venhoek.nl
>> > >> >
>> > >> > Type of Assignment:
>> > >> > Requesting 7 specification required assignments in the Network Time
>> > >> > Security Key Establishment Record types registry for extension fields
>> > >> > with the following purposes:
>> > >> > - Keep Alive
>> > >> > - Supported Next Protocol List
>> > >> > - Supported Algorithm List
>> > >> > - List Server Names
>> > >> > - Fixed Key Request
>> > >> > - NTP Server Deny
>> > >> > - Authentication Token
>> > >> > Details for the registration are given in section 8 of the
>> > >> > specification provided below. The specification also provides detailed
>> > >> > descriptions of the functionality of the record types requested.
>> > >> >
>> > >> > Registry:
>> > >> > Network Time Security Key Establishment Record Types
>> > >> >
>> > >> > Description:
>> > >> > This assignment is requested to enable us to transition to a more
>> > >> > permanent setup for an NTS pool, which, assuming sufficient funding
>> > >> > towards the future, will be able to be run indefinitely.
>> > >> >
>> > >> > Additional Info:
>> > >> > The specification is at
>> > >> > https://trifectatech.org/specifications/nts-kelb-pool.html, and will
>> > >> > be hosted there permanently. After assignment, section 8 will be
>> > >> > rewritten to reflect what is assigned, and all references to
>> > >> > to-be-allocated numbers will be updated, with draft implementation
>> > >> > numbers removed.
>> > >>
>> > >>
>>
>>