IETF Logo Mail Archive

[Ntp] Antw: [EXT] Re: NTPv5 draft

Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> Wed, 09 December 2020 07:18 UTC

Return-Path: <Ulrich.Windl@rz.uni-regensburg.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D646B3A0D1C for <ntp@ietfa.amsl.com>; Tue, 8 Dec 2020 23:18:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kgSpzzklv9vv for <ntp@ietfa.amsl.com>; Tue, 8 Dec 2020 23:17:59 -0800 (PST)
Received: from mx2.uni-regensburg.de (mx2.uni-regensburg.de [194.94.157.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0CA563A0D29 for <ntp@ietf.org>; Tue, 8 Dec 2020 23:17:58 -0800 (PST)
Received: from mx2.uni-regensburg.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 4DBA76000054 for <ntp@ietf.org>; Wed, 9 Dec 2020 08:17:56 +0100 (CET)
Received: from gwsmtp.uni-regensburg.de (gwsmtp1.uni-regensburg.de [132.199.5.51]) by mx2.uni-regensburg.de (Postfix) with ESMTP id 3221F6000048 for <ntp@ietf.org>; Wed, 9 Dec 2020 08:17:56 +0100 (CET)
Received: from uni-regensburg-smtp1-MTA by gwsmtp.uni-regensburg.de with Novell_GroupWise; Wed, 09 Dec 2020 08:17:55 +0100
Message-Id: <5FD07A1F020000A10003D68D@gwsmtp.uni-regensburg.de>
X-Mailer: Novell GroupWise Internet Agent 18.3.0
Date: Wed, 09 Dec 2020 08:17:51 +0100
From: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>
To: Rich Salz <rsalz=40akamai.com@dmarc.ietf.org>, james.ietf@gmail.com, mlichvar@redhat.com
Cc: Dieter Sibold <dsibold.ietf@gmail.com>, "ntp@ietf.org" <ntp@ietf.org>
References: <20201201081203.GB1900232@localhost> <2B8C7410-DFA7-4A87-A33E-F50FFA96D0F9@gmail.com> <20201201100305.GK1900232@localhost> <F62C1325-8409-474C-9650-FA96405D0F4B@gmail.com> <20201207104541.GE2352378@localhost> <E0159612-5D83-4A0E-BBD1-1D75C0B49226@akamai.com> <20201207153444.GO2352378@localhost> <1204B871-7728-45DA-B628-8F79BD074A96@akamai.com> <20201208095046.GT2352378@localhost> <D15AF5B4-F976-44D6-B8E7-986E3B8CE23D@akamai.com> <20201208150725.GX2352378@localhost> <6d7daa5e-8537-a3a5-a5c3-2468be4c2918@gmail.com> <011F3D82020000AD6A6A8CFC@gwsmtp.uni-regensburg.de> <42E7D41602000042824A10E1@gwsmtp.uni-regensburg.de>
In-Reply-To: <42E7D41602000042824A10E1@gwsmtp.uni-regensburg.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/CnUcaAppNUYSKG-2uje-rAqfftE>
Subject: [Ntp] Antw: [EXT] Re: NTPv5 draft
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Dec 2020 07:18:01 -0000

>>> James <james.ietf@gmail.com> schrieb am 08.12.2020 um 16:51 in Nachricht
<6d7daa5e-8537-a3a5-a5c3-2468be4c2918@gmail.com>:
> Given so many existing deployments end up running for many, many years 
> the next version of NTP will also be around for a long time. Extensions 
> and bolt‑ons alone will not suffice in assuring the protocol's 
> longevity, and that there is clearly a lot of work that must be done 
> with the core of the protocol to address ossification, agility, as well 
> as security. I would rather see NTPv5 solve these issues and take longer 
> in its design than just deal with the "quick fixes", and I'm prepared to 
> invest a significant portion of my own time and energy to support the 
> efforts.

I agree: Most "quick fixes" from the past have lead to long lasting grief in
the future. Autokey being one example?

> 
> ‑ J
> 
> On 08‑12‑2020 15:07, Miroslav Lichvar wrote:
>> On Tue, Dec 08, 2020 at 02:20:47PM +0000, Salz, Rich wrote:
>>>>     If you propose something, there should be a technical explanation
>>>      provided.
>>>
>>> I'll claim that I already have, but to restate and scale it down a bit:
all 
> messages sent by a server must include authentication and tamper‑proof. I do

> not believe anything less is acceptable these days.
>>>
>>> I am leaving it vague so that the WG can figure things out.
>> As others explained, that is a difficult problem. A feeling about what
>> is acceptable is not helping if you don't have a solution. NTS relying
>> on TLS is the best thing we have now. If it has a 50% share of global
>> NTP in 2030, I think it will be a great success. Currently it is 0%.
>>
>> We have identified NTPv4 issues that we want to have relatively
>> quickly fixed in NTPv5. If someone figures out solution that will make
>> authenticated NTP universally usable, it can be adopted by NTPv4, v5,
>> or whatever version exists at the time. This effort should be separate
>> from NTPv5.
>>
> 
> _______________________________________________
> ntp mailing list
> ntp@ietf.org 
> https://www.ietf.org/mailman/listinfo/ntp

v2.23.0 | Report a Bug | By Email