IETF Logo Mail Archive

Re: [Ntp] Secdir last call review of draft-ietf-ntp-mode-6-cmds-08

Brian Haberman <brian@innovationslab.net> Mon, 15 June 2020 15:29 UTC

Return-Path: <brian@innovationslab.net>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA7C83A0E3D for <ntp@ietfa.amsl.com>; Mon, 15 Jun 2020 08:29:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=innovationslab-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bJ10GRMqZmlj for <ntp@ietfa.amsl.com>; Mon, 15 Jun 2020 08:29:50 -0700 (PDT)
Received: from mail-qt1-x82a.google.com (mail-qt1-x82a.google.com [IPv6:2607:f8b0:4864:20::82a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 688873A0E87 for <ntp@ietf.org>; Mon, 15 Jun 2020 08:29:47 -0700 (PDT)
Received: by mail-qt1-x82a.google.com with SMTP id j32so12866363qte.10 for <ntp@ietf.org>; Mon, 15 Jun 2020 08:29:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=innovationslab-net.20150623.gappssmtp.com; s=20150623; h=to:cc:references:from:autocrypt:subject:message-id:date:user-agent :mime-version:in-reply-to; bh=teZAyoi+lGBRZw9VpGFAfNT6hIInii8q7T87C/jV5MU=; b=FaHq74bnRQZpCgU8hk+x1JQ7nHCctUtVGlyrNnjLt1krEBhUQLVyYlaHFNp8gXU/+k CrmpsU6olnzpgPU6MXF4n/jp1n/Y99dTZPWs6kCWCkUFv2shGLVd4JZSgI7fy1iZFs0w Dn3g3AjYLDCTx7xTjmAarR2fIVrYd/JPlHn78OtquFsQBSLaLbO+N9thD1YQDrUNAXUH rrKkqEuiCNcCYtxFQ2keqFhuxt7DDvVAwFBTU0OPNp2RTBezMjyJ7QW7FvqRDCwKXeRf DdX5eBp0XMtBgBLzmAK/jRxZV5TZslhtkKxzuwMv8iuY65Fa1WnY9/36zZUVw1e78NEn QaIA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:references:from:autocrypt:subject :message-id:date:user-agent:mime-version:in-reply-to; bh=teZAyoi+lGBRZw9VpGFAfNT6hIInii8q7T87C/jV5MU=; b=Kd+u/wM+DOXnUUCsOzpDACvRg38aCEEKz4FChszaGS3iWhzXy9P88YEvvqgqoAqYDY E3IAlZucLMri/B+uuKOQNRuXbxQpcELblO+1H9W6xH33EiMsrK33fOVOoo+7bGcnXTu+ 0tqYVrLoZKcnWbwCcKbvr0sY33u2IzDFgRSVoeCeXCvz5NZmMMAus0x0SFLzfs326fFZ Dmyj1AbwpUoqpXMpAMk2BQRMVV04pt9iumN29bOiwlLd/L53nYio8dRjgqgCU8BpiE9L OanX+zFmeIPK7YbMex1IoZE5iOllnJV799iXMnxBBzCMpylu792Ht+fjQ7QfxAuq3zvk jCAQ==
X-Gm-Message-State: AOAM533S3weE4dGCCLu5WJsu3Kq29ZN5hf1ll/IbvPopAHC47FIjav5P o0vnRMiWbxbtnx7v/yMAysGFey4K6B9LpFUZ
X-Google-Smtp-Source: ABdhPJyQq308SbL+nOL2jz3KfWNo2qkCcDcy5ZddpM2cIO9vDm2IMEuZ9UDKLGJUSboY5Idl7/zB6w==
X-Received: by 2002:ac8:3551:: with SMTP id z17mr16186914qtb.139.1592234985960; Mon, 15 Jun 2020 08:29:45 -0700 (PDT)
Received: from clemson.local ([2601:154:c001:f99e:89bb:abe5:8ba6:8676]) by smtp.gmail.com with ESMTPSA id i40sm13319630qte.67.2020.06.15.08.29.44 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 15 Jun 2020 08:29:45 -0700 (PDT)
To: Harlan Stenn <stenn@nwtime.org>, Daniel Franke <dafranke@akamai.com>, secdir@ietf.org
Cc: draft-ietf-ntp-mode-6-cmds.all@ietf.org, last-call@ietf.org, ntp@ietf.org
References: <159206148916.27533.2080482554461273224@ietfa.amsl.com> <4251f262-22f7-3b7d-41d4-e0c3ef1da1b8@innovationslab.net> <ea8aff7c-35fa-6d64-3a75-21b31b45a9d9@nwtime.org>
From: Brian Haberman <brian@innovationslab.net>
Autocrypt: addr=brian@innovationslab.net; keydata= mQINBFm5KgYBEACs2icafejrG19L5DRNFq8Q2O+K+LRxjR4qAElZDnXFXNA2ipFWPeT0J2wa KJ+h9UdfhDm8DzULB553CYm+Q3XF1N56TglkIRMZYc7mYXZEr3x7e4fmX4kD4qMjBLG8cL26 rEe3Q0qaiMGY69/4o5coVMT0qmHjgCH1tkG+L2Y8MKr1gFxS18eO8MVoWe1yDKuyxFSElHGB 3mZn4gcqeCaemPGG3CiVNlp4KnijpNcSgvseXbkQEA4IXEsIvUL8MIwOTXg9Gh5cbtisZpuf +4B0LNMUSqWlqyKd9M3KCMj+dW4vsFytc00Z+GyQ+ArOR9GwTdAwJ5qqVODTvbjKqOR1zolJ 1JxLUtSiv7Lx5x2OrCexPYXkzlTkjG9Imtg2XNh55R/JKMC3KU1NQL3nS9tJXeoRWNgWSZrG MsrbeejbqLVb9LblXNpgLciJ96XHMvYAXX7p4LAwivzSRrVg46vErYIAV6EvDvwVENWW8JCU 0vX5iTGfkEwU4KxCa7WAmmD8yiNspHP1J0uk93Sta5K0PuTi7b+EZlCjdrqOEWLGPv6qXlIu FwLLcCaDs3XdVvwgNM+UFRxFH1aOVQQKCiCOCcNlwgYG1u4ZbD2T6hd/d2tOAKu/MNnQVF7d Cfi2BtSjzglLcY61e37zqTM04BgU+LniZ7V99yneM6DM2UzgkwARAQABtClCcmlhbiBIYWJl cm1hbiA8YnJpYW5AaW5ub3ZhdGlvbnNsYWIubmV0PokCQAQTAQoAKgIbAwUJB4YfgAULCQgH AwUVCgkICwUWAgMBAAIeAQIXgAUCWbkqSAIZAQAKCRBo1jycU9GLYQixD/9UX0uiAvbJ+4dK z3Ne3kUdDK0Lk73RGfFgE/ezsc9I6ED82h+arC8pAoDnBWgzTxugZdbexek983bgMq02XFsG pJf7hudeKnB8UmtjTc0j1UUgi129FYyBmINS2Lz1gpEOygFfbeOGLJK5qZJwD3I3O6yN8SUZ uwahXXd1aEB+d1eGhNqxkjQ+L7vdfTlN662GWog3ROMwUbrg0+QAbn/Vlp2iIYO6VERUZ9Yr GfFJX9b9LKa6AHxzAaqFIix1h2wBiIacpIBGU/4+3+wL5zkCbGSRzoIHW8srllj7ehgwwfNx QevibuZWJ4XpHpIxrtsmBO7ERFk8pN7oiQ9M3b2Cg9OBD5vgxyMCHEKIblWyKz8GLtz5357L ORU1EBWB8BoJPBHz3u7bZE+jH9+w5PpI087Ae78KCDkTNj7o2wbkRoYLmLpMo8DOwAumyy5R 2DuRu0cn5Rw5pFjlJkyfM0Wf80Ml/SINrUORWeqSbsHSX8i+Y0Oyt5JNo9NFbgN0Gn/Qo364 I8cLgbvUAyFHwhnmbHB+QXFCGAy73NOQ+g2fCRPeSbihhYa34ugfmd4oa6W2w805ixzM7iGr P+wDB1dhA7eHKVmoo9Kxvm9VzU+2homYGEROd/H6n0BMvWtp1oFh/JvEgZN6dVLg3p+XX5Zj Ggy568bIY4P5kP7pAxh017kCDQRZuSoGARAAtCWxW1cRne/iGbFuibvB8d3upcbCB7oz4LWk LSE20Db2ymn04ici9V+wBSWX57me5jQdwMi/gzVVZcupbzWTg5Yhv7Qt7CKORJLEKo6nULbb 4aEpdOXD9s7wwx+foFjzjtDOH/JYoB+OEe2oW39VmK6EsIx7ClsLf6+cih5yApZHtmV+2M3J YSxD2kCUE619ITFLAkMf203ap5vJ6DDaaKnVoNhF9qV7jlJEceGqHTBG4KkBX/zNCehMIfhr ViY/B2IWAHeuZ99lnCPx2mehGGa4XLjQauUkY9KB7dOq/ODyt+7SL0dfWrOVf3BnU3C308b4 9YdId8KI4dJ30nfXn6ifTK9STZHZE+Mt1sIVmtEguqMXEk/axZmT14x194c7ZPmU/uCQTE3U y1NFs4Yof50WF1ze0CyN2ycmqx11mHjP5+L23TqcdIWmJG+EtdHUAFpu42kbB0fML3Oc/cEU SmWK3WpF5YPljLM2gyh3RXjuiBnaGoJaKTOj5zXQ2G2l3/ijbn9FbqmFup+R352dxUyakXEP xNe3HdyjfyUcy/RJNeZz/lgUIhkxWQjOOU1RIN41RtCKcF9tJjMwgQvI51QmPvf90/6ab3I/ vwEpjlRb4AbuWfPWe89J+Z3TG97V9sntlMcQ6MGiPLbyFpiXIf2150e6FxZdJtipVwY2d/kA EQEAAYkCJQQYAQoADwUCWbkqBgIbDAUJB4YfgAAKCRBo1jycU9GLYfy0EACYrxb4nWtOnIu0 N7rXXo/0ZjaBTyUhJ6hzy2D7rt3vv/qj2ui+N21ui/yMDS928za/XRfP25qN9A1puioHqN4l SAsxwCC3mT9GJXVXVgivg3MeciqBXoOdnk1hUkP1CTKL3qZ9pSuw8bPlNE7+b1xF7Oce37YH +QRVmBXbGwTxtDTCZ9Js0/IpiUtg9QCfmryB1r/fD0TFb8b9aCBuVeKocWSuX9UXRt7zRGM8 BJwOLvdLdGvV8us1imlBKFLai4L8CPgihuc/s7ZB0r3pgW697hXScWhGHF3OUWbPFVkNyivM xtDcq+9ZlUMrxFbwUEABi8NFwvzwn+YJQqlrPiF4xxsScYpnIlfWEuP6Vpp6Z/u5x+1MNyZb oxNWWaevMVeo3tdRV9F6/YFqucw4JQ9HqlCKQ62sW9+e5SSlxGNlV4j9cchG6a4fAZqxL+pS ks+KitK3ap/R4RUG+nbjLlhCwGJIti8lxvdYAoPqjtwEUmMJv4dIl0/2h1495cwBIi7XeRKZ Rx38TV3G3LCx0J8dFhkyTG5TxUZQFgHjznkIX7bzeSQX72MxT0b/tc38yM71WpAgAY+MlHCT FQRKqIQsH/4MFir+g/oV2uPNGwmg0QEOnv9zZ79JJ/nBmuXC2RwUVTtZgtiZXhaP0afvR0eg WPEzptIZZCSmtBOOYkfsAw==
Message-ID: <0b850187-0596-c9fd-6667-e571f7ef5ef7@innovationslab.net>
Date: Mon, 15 Jun 2020 11:29:43 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:68.0) Gecko/20100101 Thunderbird/68.9.0
MIME-Version: 1.0
In-Reply-To: <ea8aff7c-35fa-6d64-3a75-21b31b45a9d9@nwtime.org>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="Yn8juVrN9MMyKxJlN289hwQ2PbVAPjoNk"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/CKfqOU3vjP7oediUVHjpfamrXj4>
Subject: Re: [Ntp] Secdir last call review of draft-ietf-ntp-mode-6-cmds-08
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jun 2020 15:29:52 -0000

Hi Harlan,

On 6/13/20 8:26 PM, Harlan Stenn wrote:

>> SNMP exists and the NTP WG published RFC 5907 to cover the MIB support
>> needed by NTP. I believe that also counts as a better alternative.
> 
> Unbelievable.
> 
> TTBOMK, the only implementation of 5907 is the one in the reference

Interesting statement... After a cursory search, I found that Cisco
implemented 5907 in 2012.

> implementation, and in the 12 years it has been out there we have had NO
> reports of it being used.  Furthermore, it was implemented USING MODE 6
> PACKETS!
> 

Not sure why you would implement SNMP support via an NTP auxiliary
protocol, but that is your choice.

> The only known SNMP interface to ntpd, ntpsnmpd has not seen significant
> updates since 2010.
> 
> The mode 6 interface to ntpd, ntpq, remains in continuous development
> and evolution.
> 
> Please identify any other implementations of 5907.  If you find any, how
> significant are they?  Are they proprietary 5907 implementations?  What
> implementations to they work on?
> 

I would need someone from Cisco to verify, but it seems like their
implementation is based on 5907.

> Please show how SNMP is a better way to monitor and control NTP than ntpq.
> 
> Please show me a working deployment of SNMP controlling NTP, and then
> please compare the number and quality of these deployments with those
> that do the same with ntpq.

I am not going to dignify that demand with a response. The WG consensus
is the WG consensus.

Regards,
Brian

v2.23.0 | Report a Bug | By Email