Re: [Ntp] Call for adoption: draft-schiff-ntp-chronos

Neta R S <neta.r.schiff@gmail.com> Mon, 02 September 2019 12:49 UTC

From: Neta R S <neta.r.schiff@gmail.com>
Date: Mon, 2 Sep 2019 15:49:19 +0300
Message-ID: <CAM-HxCOe1=Jn4g=p+Uj9QvzNwCq7hxZJS23Sp-hJb=MA6uNoGg@mail.gmail.com>
To: Miroslav Lichvar <mlichvar@redhat.com>
Cc: "Karen O'Donoghue" <odonoghue@isoc.org>, "ntp@ietf.org" <ntp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/DJTyZ_pi7XzPEkPBEKLpVZw1zMA>

Hi,

Chronos has provable security guarantees compared to the current NTPv4,
even when facing a MitM attacker.
Thus, we suggested Chronos as an NTPv4 watchdog and named the draft
accordingly.
We'll consider your comment regarding the draft's name, but in the worst
case (where the MitM controls the client's gateway) I am not sure there is
a solution.

Regarding Daniel's and Kristof's comments, we agree that experimental might
be a more appropriate intended status.

Best,
Neta

On Mon, Sep 2, 2019 at 2:59 PM Miroslav Lichvar <mlichvar@redhat.com> wrote:

> On Wed, Aug 28, 2019 at 05:37:10AM +0000, Karen O'Donoghue wrote:
> > A Secure Selection and Filtering Mechanism for the Network Time Protocol Version 4
> > https://datatracker.ietf.org/doc/draft-schiff-ntp-chronos/
> >
> > Please reply with your opinion on whether or not the working group
> > should adopt this document including your willingness to review and
> > contribute.
>
> I support adoption of this draft. I would like the group to consider
> using a slightly different title and more careful use of the word
> "secure" in the document. The algorithms improve resiliency against
> some MITM attacks, but in the worst case security doesn't change.
>
> --
> Miroslav Lichvar