[Ntp] Switching NTS to AES-GCM-SIV?
Miroslav Lichvar <mlichvar@redhat.com> Tue, 23 April 2019 15:46 UTC
Return-Path: <mlichvar@redhat.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6AAE3120454 for <ntp@ietfa.amsl.com>; Tue, 23 Apr 2019 08:46:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EfGhI8LcbJOj for <ntp@ietfa.amsl.com>; Tue, 23 Apr 2019 08:46:32 -0700 (PDT)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FC58120453 for <ntp@ietf.org>; Tue, 23 Apr 2019 08:46:32 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 182645A59 for <ntp@ietf.org>; Tue, 23 Apr 2019 15:46:32 +0000 (UTC)
Received: from localhost (holly.tpb.lab.eng.brq.redhat.com [10.43.134.11]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8C9EB5D719 for <ntp@ietf.org>; Tue, 23 Apr 2019 15:46:31 +0000 (UTC)
Date: Tue, 23 Apr 2019 17:46:16 +0200
From: Miroslav Lichvar <mlichvar@redhat.com>
To: ntp@ietf.org
Message-ID: <20190423154616.GB11966@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Tue, 23 Apr 2019 15:46:32 +0000 (UTC)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/J6w0XrkzH7CWdPMb5OzYgOgaKtA>
Subject: [Ntp] Switching NTS to AES-GCM-SIV?
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Apr 2019 15:46:34 -0000
Hi, there is a new standard for AES-GCM-SIV https://tools.ietf.org/html/rfc8452 In the list archive I found some comments that this algorithm was rejected for being only a draft at the time. That has changed and we may want to reconsider it as the mandatory algorithm required by NTS. At the very least, the performance should be better, which I'd very like to see improved, and there may be other advantages. Is it too late for NTS to switch? -- Miroslav Lichvar
- [Ntp] Switching NTS to AES-GCM-SIV? Miroslav Lichvar
- Re: [Ntp] Switching NTS to AES-GCM-SIV? Daniel Franke
- Re: [Ntp] Switching NTS to AES-GCM-SIV? Miroslav Lichvar