Re: [Ntp] NTS Pools

Miroslav Lichvar <mlichvar@redhat.com> Wed, 28 February 2024 10:33 UTC

Date: Wed, 28 Feb 2024 11:33:38 +0100
From: Miroslav Lichvar <mlichvar@redhat.com>
To: David Venhoek <david@venhoek.nl>
Cc: martin.langer=40ptb.de@dmarc.ietf.org, NTP WG <ntp@ietf.org>, Dieter.Sibold@ptb.de, Kristof.Teichel@ptb.de, Rainer Bermbach <r.bermbach@ostfalia.de>
Message-ID: <Zd8MAtzsmXGGBtvq@localhost>
References: <OF2E6B0FFD.229AD710-ONC1258ACB.004EFEAA-C1258ACB.0050896E@ptb.de> <Zdx0Nst2_w1mEMKG@localhost> <CAPz_-SUSEDaFgfwvnm_FQ5M9jjAAp2Df3A7RTuYY2KPmSq5FkQ@mail.gmail.com>
MIME-Version: 1.0
In-Reply-To: <CAPz_-SUSEDaFgfwvnm_FQ5M9jjAAp2Df3A7RTuYY2KPmSq5FkQ@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/FfMhhWTg80NOVaq-WCcRKH5aPOQ>
Subject: Re: [Ntp] NTS Pools

On Wed, Feb 28, 2024 at 09:29:47AM +0100, David Venhoek wrote:
> Hi All,
> 
> I have made a spreadsheet showing a short overview of the implications
> of the various options, see
> https://docs.google.com/spreadsheets/d/1rxEArrbN5OKgsFI9KUzmOzI1twDztQc6aEUZr5WelVU/edit?usp=sharing

This is great. Thanks!

Can you please add a row comparing computational cost of TLS wrt
number of clients for the pool provider (e.g. 0, 1, N, 2N)?

I have another proposal to consider. The pool provider could simply
terminate TLS and forward NTS-KE communication between clients and
individual NTS-KE servers run by the NTP providers. No modifications
required on clients or servers. The NTS-KE servers would just need to
be configured to provide their IP address in the server negotiation
record, so the client doesn't send requests to the pool's TLS host.
The TLS cost for the pool provider would be 2N.

-- 
Miroslav Lichvar
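The forwarding design proposed in the message above rests on one detail of the NTS-KE response: the backend server names itself in the NTPv4 Server Negotiation record, so the client sends its NTP packets to the backend rather than to the pool's TLS host. The following is an added example, not code from the message, from chrony, ntpd or any pool operator; it encodes and decodes NTS-KE records as laid out in RFC 8915 section 4 (2-byte type with a critical bit, 2-byte body length, body), builds the response such a backend would return, shows the client-side selection of the NTP server (falling back to the NTS-KE host and port 123 when the records are absent, as the RFC specifies), and adds an operator-side check that flags a backend which forgot to name itself. The host names, addresses and cookie bytes are constructed placeholders; `pool_check_response` is a hypothetical check, not a known feature of any implementation.

```python
"""NTS-KE record handling for a TLS-terminating pool front end (added example).

Record types and the critical bit follow RFC 8915 section 4.1. The addresses,
cookies and the pool_check_response() helper are constructed for illustration.
"""
import struct

# NTS-KE record types (RFC 8915, section 4.1)
END_OF_MESSAGE = 0
NEXT_PROTOCOL = 1
ERROR = 2
WARNING = 3
AEAD_ALGORITHM = 4
NEW_COOKIE = 5
SERVER_NEGOTIATION = 6
PORT_NEGOTIATION = 7

CRITICAL_BIT = 0x8000
NTPV4_PROTOCOL_ID = 0          # Next Protocol ID for NTPv4
AEAD_AES_SIV_CMAC_256 = 15     # IANA AEAD algorithm number
DEFAULT_NTP_PORT = 123


def encode_record(rtype, body, critical=False):
    """One NTS-KE record: type (with optional critical bit), body length, body."""
    header = struct.pack("!HH", rtype | (CRITICAL_BIT if critical else 0), len(body))
    return header + body


def decode_records(data):
    """Parse a record sequence; returns (type, critical, body) tuples.

    Rejects truncated records and a message that lacks End of Message.
    """
    records, offset = [], 0
    while offset + 4 <= len(data):
        rtype, length = struct.unpack_from("!HH", data, offset)
        offset += 4
        body = data[offset:offset + length]
        if len(body) != length:
            raise ValueError("truncated NTS-KE record")
        offset += length
        critical = bool(rtype & CRITICAL_BIT)
        rtype &= 0x7FFF
        records.append((rtype, critical, body))
        if rtype == END_OF_MESSAGE:
            break
    else:
        raise ValueError("missing End of Message record")
    return records


def build_ke_response(server_address, cookies):
    """Response a backend NTS-KE server sends back through the pool (constructed).

    server_address=None omits the Server Negotiation record, which is the
    misconfiguration the forwarding design must avoid.
    """
    records = [
        encode_record(NEXT_PROTOCOL, struct.pack("!H", NTPV4_PROTOCOL_ID), critical=True),
        encode_record(AEAD_ALGORITHM, struct.pack("!H", AEAD_AES_SIV_CMAC_256), critical=True),
    ]
    if server_address is not None:
        # The backend names itself so NTP traffic bypasses the pool's TLS host.
        records.append(encode_record(SERVER_NEGOTIATION, server_address.encode("ascii"), critical=True))
    records += [encode_record(NEW_COOKIE, c) for c in cookies]
    records.append(encode_record(END_OF_MESSAGE, b"", critical=True))
    return b"".join(records)


def client_select_ntp_server(response, ke_host):
    """Client side: decide where NTP packets go.

    Per RFC 8915 sections 4.1.7 and 4.1.8, absence of the server or port
    record means "use the NTS-KE host" and "use port 123" respectively.
    """
    host, port, cookies = ke_host, DEFAULT_NTP_PORT, []
    for rtype, critical, body in decode_records(response):
        if rtype == SERVER_NEGOTIATION:
            host = body.decode("ascii")
        elif rtype == PORT_NEGOTIATION:
            (port,) = struct.unpack("!H", body)
        elif rtype == NEW_COOKIE:
            cookies.append(body)
        elif rtype == ERROR:
            raise ValueError("NTS-KE error record %d" % struct.unpack("!H", body))
        elif critical and rtype not in (NEXT_PROTOCOL, AEAD_ALGORITHM, END_OF_MESSAGE):
            raise ValueError("unrecognized critical record %d" % rtype)
    return host, port, cookies


def pool_check_response(response, pool_host):
    """Hypothetical operator check: does the backend name itself (and not the pool)?"""
    for rtype, _, body in decode_records(response):
        if rtype == SERVER_NEGOTIATION:
            return body.decode("ascii") != pool_host
    return False


if __name__ == "__main__":
    resp = build_ke_response("198.51.100.7", [b"cookie-1", b"cookie-2"])
    print(client_select_ntp_server(resp, "nts.pool.example"))
    print("backend names itself:", pool_check_response(resp, "nts.pool.example"))
```

The pool front end itself stays out of the picture because, in this design, it only relays the record bytes between the client's TLS session and the backend; the check is what an operator would run against each backend before adding it to the pool, since a backend without the record silently directs every client's NTP traffic at the TLS host.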