Re: [Ntp] Comments on Roughtime
kristof.teichel@ptb.de Mon, 15 August 2022 09:08 UTC
Return-Path: <kristof.teichel@ptb.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE2BDC1522A2 for <ntp@ietfa.amsl.com>; Mon, 15 Aug 2022 02:08:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.406
X-Spam-Level:
X-Spam-Status: No, score=-4.406 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ptb.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aSFjdEuBXHkG for <ntp@ietfa.amsl.com>; Mon, 15 Aug 2022 02:08:26 -0700 (PDT)
Received: from mx1.bs.ptb.de (mx1.bs.ptb.de [192.53.103.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8814CC14CE36 for <ntp@ietf.org>; Mon, 15 Aug 2022 02:08:25 -0700 (PDT)
Received: from smtp-hub.bs.ptb.de (smtpint01.bs.ptb.de [141.25.87.32]) by mx1.bs.ptb.de with ESMTP id 27F98MFl005437-27F98MFn005437 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <halmurray@sonic.net>; Mon, 15 Aug 2022 11:08:23 +0200
In-Reply-To: <20220814043300.76D0128C1EF@107-137-68-211.lightspeed.sntcca.sbcglobal.net>
References: <20220814043300.76D0128C1EF@107-137-68-211.lightspeed.sntcca.sbcglobal.net>
To: Hal Murray <halmurray@sonic.net>
Cc: ntp@ietf.org
MIME-Version: 1.0
X-KeepSent: 518055A0:D0809F2D-C125889F:00313389; type=4; name=$KeepSent
From: kristof.teichel@ptb.de
Message-ID: <OF518055A0.D0809F2D-ONC125889F.00313389-C125889F.003232B6@ptb.de>
Date: Mon, 15 Aug 2022 11:08:11 +0200
X-MIMETrack: Serialize by Router on MAILGW01/PTB at 08/15/2022 11:08:22 AM, Serialize complete at 08/15/2022 11:08:22 AM
Content-Type: multipart/alternative; boundary="=_alternative 003232B4C125889F_="
X-FE-Last-Public-Client-IP: 141.25.87.32
X-FE-Policy-ID: 5:5:5:SYSTEM
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=ptb.de; s=s1-ptbde; c=relaxed/relaxed; h=references:to:cc:mime-version:subject:from:message-id:date:content-type; bh=CxKkp2Kw3RrPVIrFtfDP82Aqz6qoG3YwqGL+Mi4F7G4=; b=Y58EjsBD990tVOe42imLazZra8LNzIX/HzCJnUjh6hWMjo2SSqkvA96q5E4ezuwZEPBT4Uh81dJI de63J6Q6+DTw2i43lPxGfQFXRkiCcx34KJ+TFxaAtYzfygi9/6QD3cJXcuvXbeXsEpR19Wbdslmw bM7IBr3SnEqW15RQW0QqHOaTSTG3g1RQC7P3zes0eZRlFeXO/L2+uz+KQm7bER8zQkt+hWk/GztU 2NhwGrbr32/5fh5y1E4MZ9PRez0RhXi0Nl7rZV5UlGvONBCPwL4K5fUZadOoO/cuMZLvxg0L99xz aolZJEjiFaR1mnSxFJH++bctjEE0zBH1Y6cJpQ==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/CUDm4j_9EsgDBUXw2zrwLr9zGmw>
Subject: Re: [Ntp] Comments on Roughtime
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Aug 2022 09:08:30 -0000
Hi Hal, replies in-line. Besten Gruß / Kind regards, Kristof Teichel __________________________________________ Dr.-Ing. Kurt Kristof Teichel Physikalisch-Technische Bundesanstalt (PTB) Arbeitsgruppe 4.42 "Zeitübertragung" Bundesallee 100 38116 Braunschweig (Germany) Tel.: +49 (531) 592-4471 E-Mail: kristof.teichel@ptb.de __________________________________________ "ntp" <ntp-bounces@ietf.org> schrieb am 14.08.2022 06:33:00: > Von: "Hal Murray" <halmurray@sonic.net> > An: ntp@ietf.org > Kopie: "Hal Murray" <halmurray@sonic.net> > Datum: 14.08.2022 06:33 > Betreff: [Ntp] Comments on Roughtime > Gesendet von: "ntp" <ntp-bounces@ietf.org> > > > Section 5.1.1 int32 > You are using signed-magnitude when int32 is widely used to mean 2s > complement. > It doesn't even say "sign-magnitude until the second sentence. I suggest > switching to 2s complement. If you don't want to change the bits onthe wire, > split it into a flag and an uint31. > > Sections 5.1.1, 5.1.2, 5.1.3: int32, uint32, uint64 > All are "least significant byte first". That's little endian. The IETF is > traditionally big endian. I don't know if you can get that past the > appropriate reviewers. If you can, it needs some SHOUTING TEXT > warning of the > non-standard usage. > > > Section 6.2.5 SREP > > Servers MUST ensure that the true time is within (MIDP-RADI, MIDP+RADI) at > the time they transmit the response message. > > This gets into an interesting can of worms. What does MUST mean in this > context? I picture clock errors as having long tails. How many 9s to you > want? What's the right way to think about this? > > Section 6.2.5, last sentence > ... server does not hold any updated leap second information. > Why the updated? I think it makes sense if you remove it. > > Section 12 Security Considerations, second paragraph. > Maintaining a list of trusted servers and adjudicating violations of > the rules by servers is not discussed in this document and is > essential for security. Roughtime clients MUST regularly update > their view of which servers are trustworthy in order to benefit from > the detection of misbehavior. > > That conflicts with solving my 10 year problem. > (My 10 year problem is a spare that sits on the shelf for 10 years. > That box won't have a RTC so it won't know the time when first > plugged in. Traditional certificates will have expired...) I find it obvious (and maybe we should have a document stating this, as it still seems to be a point of contention) that nothing (!)will truly solve your 10-year problem. You can take stuff very far I guess with human intervention on each device (i.e. manually setting its clock to roughly the right time), but really that effectively only means "unless a bad actor human can get physical access and the right access codes". And with network protocol means alone, you can certainly improve chances that the individual device will happen to get it right, but if you assume a total lack of knowledge of current time in at least one direction (i.e. a device might have "hardcoded" some date that is 100% already past, but you can't possibly do that for a date that is 100% not past) and you also assume bad actors really trying to get the best of that device... then the device is simply out of luck. > There are 2 types of misbehavior: bugs and evil. > > I didn't find any discussion of how many servers to use. With 3 > servers, 2 can outvote 1 bad guy. ... I think the same logic > applies to NTP servers and Roughtime servers. Chronos may get > tangled up here. Yup, AFAWK anything will ultimately adhere to byzantine fault logic: you need 3n actors overall to even enable (!) countering n bad actors. > Maybe we should start another thread. Part of the > discussion would be how old is your list of trusted servers. > > I didn't look at any of the Merkle text. > > > -- > These are my opinions. I hate spam. > > > > _______________________________________________ > ntp mailing list > ntp@ietf.org > https://www.ietf.org/mailman/listinfo/ntp
- [Ntp] Comments on Roughtime Hal Murray
- Re: [Ntp] Comments on Roughtime kristof.teichel