IETF Logo Mail Archive

Re: [Ntp] Antw: Re: Antw: [EXT] Re: Quick review of WGLC for status change for draft‑ietf‑ntp‑update‑registries

Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> Thu, 11 August 2022 11:03 UTC

Return-Path: <Ulrich.Windl@rz.uni-regensburg.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D97BDC14F6EB for <ntp@ietfa.amsl.com>; Thu, 11 Aug 2022 04:03:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zNeAnKqH0GTO for <ntp@ietfa.amsl.com>; Thu, 11 Aug 2022 04:03:47 -0700 (PDT)
Received: from mx3.uni-regensburg.de (mx3.uni-regensburg.de [IPv6:2001:638:a05:137:165:0:4:4e79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB35FC14F612 for <ntp@ietf.org>; Thu, 11 Aug 2022 04:03:46 -0700 (PDT)
Received: from mx3.uni-regensburg.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id E290F6000075 for <ntp@ietf.org>; Thu, 11 Aug 2022 13:03:43 +0200 (CEST)
Received: from gwsmtp.uni-regensburg.de (gwsmtp1.uni-regensburg.de [132.199.5.51]) by mx3.uni-regensburg.de (Postfix) with ESMTP id B9E4F6000070 for <ntp@ietf.org>; Thu, 11 Aug 2022 13:03:43 +0200 (CEST)
Received: from uni-regensburg-smtp1-MTA by gwsmtp.uni-regensburg.de with Novell_GroupWise; Thu, 11 Aug 2022 13:03:44 +0200
Message-Id: <62F4E20E020000A10004C47A@gwsmtp.uni-regensburg.de>
X-Mailer: Novell GroupWise Internet Agent 18.4.1
Date: Thu, 11 Aug 2022 13:03:42 +0200
From: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>
To: "ntp@ietf.org" <ntp@ietf.org>, stenn@nwtime.org
References: <PH0PR06MB706126984E4442EF32F8242AC2999@PH0PR06MB7061.namprd06.prod.outlook.com> <da155c84-2c70-2e3b-59eb-03e380806cf2@nwtime.org> <PH0PR06MB70611F2331D8255F7E2B6604C2999@PH0PR06MB7061.namprd06.prod.outlook.com> <0b4c7efa-3977-b588-0974-33b6a9437e52@nwtime.org> <62F0E9D3020000A10004C2EC@gwsmtp.uni-regensburg.de> <2d66fa3e-f750-e3d2-511e-594fa40d993d@nwtime.org> <62F0F4C7020000A10004C310@gwsmtp.uni-regensburg.de> <8faf7c64-8896-97ca-fa2e-2d762c7da1d8@nwtime.org> <YvEIf3g+Jjm27pUz@localhost> <f6b2b8ce-c4f8-72d9-8004-2bb13e1176e4@nwtime.org> <YvIUeUAkpXR7/lDS@localhost> <c109d057-bcce-862a-e264-69523f232fed@nwtime.org> <1835216B0200005A6A6A8CFC@gwsmtp.uni-regensburg.de> <B8BB1800020000C0822C0D04@gwsmtp.uni-regensburg.de> <62F2382C020000A10004C389@gwsmtp.uni-regensburg.de> <d72a0d3b-1441-e70d-56b1-ef3f02d12785@nwtime.org>
In-Reply-To: <d72a0d3b-1441-e70d-56b1-ef3f02d12785@nwtime.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/GE7D9qEbdiGIF_HmqCp2xuqUO1g>
Subject: Re: [Ntp] Antw: Re: Antw: [EXT] Re: Quick review of WGLC for status change for draft‑ietf‑ntp‑update‑registries
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Aug 2022 11:03:50 -0000

Hi Harlan,

if you have ntpd with a key configuration file all is fine:
Known keys are processed, and unknown keys are dropped.
BUT: If you want to analyze packets on the wire (tcpdump, wireshark) without
having the key definitions, it's hard to impossible.

That was my point of criticism: I think the packet structure should be
parsable without knowing the keys behind the key ID.

Regards,
Ulrich

>>> Harlan Stenn <stenn@nwtime.org> schrieb am 11.08.2022 um 11:50 in
Nachricht
<d72a0d3b-1441-e70d-56b1-ef3f02d12785@nwtime.org>:
> On 8/9/2022 3:34 AM, Ulrich Windl wrote:
>>>>> Harlan Stenn <stenn@nwtime.org> schrieb am 09.08.2022 um 11:11 in
>> Nachricht
>> <c109d057-bcce-862a-e264-69523f232fed@nwtime.org>:
>>> On 8/9/2022 1:02 AM, Miroslav Lichvar wrote:
>>>> On Mon, Aug 08, 2022 at 06:48:28PM ‑0700, Harlan Stenn wrote:
>>>>> On 8/8/2022 5:58 AM, Miroslav Lichvar wrote:
>>>>>> If you allow short extension fields, you will not be able to detect
>>>>>> whether a request contains an unknown extension field or an Autokey
>>>>>> MAC using an old cookie. The protocol may be able recover, but that's
>>>>>> not how things should be done.
>>>>>>
>>>>>> Here is an example:
>>>>>>
>>>>>> 04 1b 00 14 cc e2 c8 47 71 95 79 64 c4 71 e8 72 7e bf fb cd
>>>>>>
>>>>>> Which of the two is it?
>>>>>>
>>>>>
>>>>> More context, please.
>>>>>
>>>>> What is that set of bytes?
>>>>
>>>> It's the UDP data following the NTP header.
>>>
>>> I don't do this stuff in my head as well as I used to.
>>>
>>> Is there a symmetric key for keyID 1051?  If so, what hash algorithm was
>>> used?
>> 
>> Should the parsing of the packet really depend on knowing what hash 
> algorithm
>> a specific key ID uses?
> 
> In general, no.
> 
> More below.
> 
>> It's quite likely that a server receives packets with a key it does not 
> know.
> 
> If a packet is authenticated with a keyID the receiving system does not 
> understand, then the receiving system CANNOT authenticate the packet. 
> In this case, it's expected that the receiving system will drop the packet.
> 
> Do you disagree?
> 
> I asked about the algorithm that was used because it is possible for 
> MACs to have different payload lengths.
> 
> The receiving system can see if the keyID is known, and if it is, the 
> expected algorithm will dictate the length of the MAC payload.
> 
> If that payload length does not match, then the field in question cannot 
> be a legacy MAC.
> -- 
> Harlan Stenn <stenn@nwtime.org>
> http://networktimefoundation.org - be a member!

v2.23.0 | Report a Bug | By Email