IETF Logo Mail Archive

Re: [Ntp] Antw: Re: Antw: draft-ietf-ntp-mode-6-cmds : Issue 1

Harlan Stenn <stenn@nwtime.org> Fri, 22 September 2017 07:47 UTC

Return-Path: <stenn@nwtime.org>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A102F132EA7 for <ntp@ietfa.amsl.com>; Fri, 22 Sep 2017 00:47:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ALkpbr4fLq6e for <ntp@ietfa.amsl.com>; Fri, 22 Sep 2017 00:47:12 -0700 (PDT)
Received: from chessie.everett.org (chessie.everett.org [IPv6:2001:470:1:205::234]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B127D127005 for <ntp@ietf.org>; Fri, 22 Sep 2017 00:47:12 -0700 (PDT)
Received: from [10.66.3.3] (96-41-166-181.dhcp.mdfd.or.charter.com [96.41.166.181]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by chessie.everett.org (Postfix) with ESMTPSA id E50E2B858; Fri, 22 Sep 2017 07:47:11 +0000 (UTC)
To: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>, "ntp@ietf.org" <ntp@ietf.org>
References: <d5a5ba98-65f2-f2e0-a0ec-40114213fc03@innovationslab.net> <59C0BEBB020000A100027F1A@gwsmtp1.uni-regensburg.de> <90ca0015-6ff4-9f68-20c9-a978fea6f491@innovationslab.net> <fd938fee-ed5c-a0ca-148f-a20a8c72aaa5@nwtime.org> <59C4A769020000A100028053@gwsmtp1.uni-regensburg.de> <579cec94-f2ab-ce73-13f6-483f5c528da7@nwtime.org> <59C4B636020000A100028076@gwsmtp1.uni-regensburg.de>
From: Harlan Stenn <stenn@nwtime.org>
Message-ID: <62ae5e81-593f-e26a-8829-bc5f4be07dab@nwtime.org>
Date: Fri, 22 Sep 2017 00:47:11 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <59C4B636020000A100028076@gwsmtp1.uni-regensburg.de>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/GUX2FH7K_ZuGxxxHaV5TawT6X1I>
Subject: Re: [Ntp] Antw: Re: Antw: draft-ietf-ntp-mode-6-cmds : Issue 1
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Sep 2017 07:47:15 -0000


On 9/22/2017 12:05 AM, Ulrich Windl wrote:
>>>> Harlan Stenn <stenn@nwtime.org> schrieb am 22.09.2017 um 08:26 in Nachricht
> <579cec94-f2ab-ce73-13f6-483f5c528da7@nwtime.org>:
> 
>> On 9/21/17 11:02 PM, Ulrich Windl wrote:
>>>>>> Harlan Stenn <stenn@nwtime.org> schrieb am 21.09.2017 um 00:42 in Nachricht
>>> <fd938fee-ed5c-a0ca-148f-a20a8c72aaa5@nwtime.org>:
>>>
>>>>
>>>> On 9/20/17 12:10 PM, Brian Haberman wrote:
>>>>>
>>>>>
>>>>> On 9/19/17 2:52 AM, Ulrich Windl wrote:
>>>>>>>>> Brian Haberman <brian@innovationslab.net> schrieb am 18.09.2017 um 19:10 in
>>>>>> Nachricht <d5a5ba98-65f2-f2e0-a0ec-40114213fc03@innovationslab.net>:
>>>>>>> Ulrich noted that this document does not specify a version number for
>>>>>>> the mode 6 commands. I had suggested specifying it as "version 4 (or
>>>>>>> earlier)" given that the introduction of mode 6 commands has occurred at
>>>>>>> various versions of the protocol starting at RFC 1305. Ulrich pointed
>>>>>>> out that the version number drives the interpretation of the status words.
>>>>>>>
>>>>>>> For people who have implemented or use mode 6 commands, what makes sense
>>>>>>> here? Do we need to specify a version number per mode 6 command?
>>>>>>
>>>>>> Hi!
>>>>>>
>>>>>> I think there are several issues:
>>>>>>
>>>>>> 1) Assuming there are different versions (there are!), how can one find out 
>>>> which version the server implements? See 2)
>>>>>>
>>>>>> 2) if a client requests a version different from the server, what should the 
>>
>>>> server do? The server could respond with a different version number, 
>>>> indicating that it is not willing to respond / privide the information in 
>> the 
>>>> format requested. Or the server could respond with a "bad request" status. 
>>>> Finally the server could respond in the format requested... I have slight 
>>>> favor for the first variant unless there is a command to find out what 
>>>> message format versions the server can provide.
>>>>>>
>>>>>> 3) As it seems to be now, the server ignores the version (versions 2, 3, and 
>>
>>>> 4 all seem to work)
>>>>>>
>>>>>
>>>>> The above seems to argue for two things:
>>>>>
>>>>> 1) A preliminary handshake between an NTP server and the mode6-speaking
>>>>> client to determine what version is in use.
>>>>>
>>>>> 2) A change to the operating basis of the mode 6 commands in that the
>>>>> above mentioned handshake occurs before actually sending the mode 6 command.
>>>>>
>>>>> Is that a good representation of what is being asked for?
>>>>
>>>> If it is, I'm thinking we'd want a mode 6 "Identify" command, that would
>>>> have this information in a response.  This response would likely contain
>>>> different data before/after authentication.
>>>
>>> Why that? You should elaborate on the role of authentication.
>>
>> Here's a short list.
>>
>> - Nobody but trusted folks should see the origin timestamp of a pending
>>   symmetric mode exchange.
>>
>> - Nobody but trusted folks should be able to get the list of our
>>   potential servers.
>>
>> - Nobody but VERY trusted folks should be able to issue :config
>>   directives
> 
> Hi Harlan,
> 
> even more confused now: The issue was (unless I'm confused) to finde out what mode-6 protocol version the remote side (server) speaks.
> You talk about changing the requirements of existing commands (it seems).
> I have no objection changing the require ments on the next mode-6 protocol level, but these issues should be clearly separated IMHO.

I thought the intent was to make sure that ntpq could ask an NTP server
"what can you tell me about yourself?", in enough detail that the client
will then know what to ask, and how to interpret the results.

H
--
> Regards,
> Ulrich
> 
> 
> 
>>
>>>> I'd also much rather we had changes to do this that are tested and known
>>>> to do what we want instead of codifying what folks hope will be a good
>>>> solution.
>>>>
>>>> I'm happy to work with collaborative folks, experienced or not, who want
>>>> to dig in to this.
>>
>> -- 
>> Harlan Stenn <stenn@nwtime.org>
>> http://networktimefoundation.org - be a member!
> 
> 
> 
> 
> 

-- 
Harlan Stenn, Network Time Foundation
http://nwtime.org - be a Member!

v2.23.0 | Report a Bug | By Email