Re: [Ntp] CLOCK_TAI (was NTPv5: big picture)

Philip Prindeville <philipp@redfish-solutions.com> Wed, 06 January 2021 03:59 UTC

From: Philip Prindeville <philipp@redfish-solutions.com>
Date: Tue, 05 Jan 2021 20:59:24 -0700
Cc: Miroslav Lichvar <mlichvar@redhat.com>, ntp@ietf.org
To: Magnus Danielson <magnus@rubidium.se>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/HoSn_gbfG3JJqMC8pPPtyaiQO5Q>


> On Jan 5, 2021, at 8:51 AM, Magnus Danielson <magnus@rubidium.se> wrote:
> 
> You could use DNS based methods.


I want to quash this approach.

DNS has means to attempt some form of weak security, but a lot of people don’t do it or don’t do it properly.

This will be a weakness in time, plus it introduces circular dependencies since DNS records are themselves timestamped for expiration (TTL’s), though that’s an offset from now and not an absolute time…

We already bloat DNS with too much, such as RSA keys and SPF… we’re attempting to use it as a distributed clearinghouse database, which it was never meant to be.

Oh, for the love of Grapevine.