Re: [Ntp] [EXT] I-D Action: draft-ietf-ntp-ntpv5-requirements-02.txt
James <james.ietf@gmail.com> Mon, 31 July 2023 13:41 UTC
Return-Path: <james.ietf@gmail.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78455C15199A for <ntp@ietfa.amsl.com>; Mon, 31 Jul 2023 06:41:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3tYGy_lBwem5 for <ntp@ietfa.amsl.com>; Mon, 31 Jul 2023 06:41:01 -0700 (PDT)
Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F62AC151998 for <ntp@ietf.org>; Mon, 31 Jul 2023 06:41:01 -0700 (PDT)
Received: by mail-ed1-x52f.google.com with SMTP id 4fb4d7f45d1cf-5227e5d9d96so6026358a12.2 for <ntp@ietf.org>; Mon, 31 Jul 2023 06:41:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1690810860; x=1691415660; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=zdBuTRa6+kMT7S+ZjhAcyqoKxD7LSXWvPUfeIxYWgk0=; b=N3hCE9z2ZWSumBPc0qTiGalGvJEuz31NNFP7WDq431jRwEnEkWF/j8YV+qxsV8lHdv Go7poaPvnPoCSsICPfseC2F3YRa7iuRbrFwJMq+TUWTH9HB251qt2/4qZVOnHmKZ3i0z gk9l1qtz7mcHinzKIlzrjvA4vuYyOelWn+FsD59VuiiOlulHgLmUf8q8qSahB5iX2BfI FYPosOO2LNUsBE27CS9TqdqWMEyHkVkr/nSlKu3utwCVTkq+so3FnCWYLkJ5BDNrEMoQ mytfS533+qRBVjM5oKN0wwuQr/DAchSVSao1fmGuhOhNsdOLk5AeHWiS/yrfQobkHs6O 7Jdg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690810860; x=1691415660; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=zdBuTRa6+kMT7S+ZjhAcyqoKxD7LSXWvPUfeIxYWgk0=; b=LXZbuoz5Eg9A2B6ohHfEBPXnbMAgp0fdoHb/Ssk6335AFfRrWWT1zsFloBTuwiROQ1 86chvkBvMvEGR9E5RNLF8yaNIwv7AiJiSTOCIIOP5jQdIrwYAZtXJ4QjklMcdIkHThTZ wdfTirxq0pPmbcvv/BoGNHLhwS1Qqx5knBIoSksIhA2PrUDdpgaScEYM7XIV/Eagjc8J xCHsY4b84/nYWR/DARRtm2WArmexsRMl2KjBrDP4+E1UEBKEQUlVGgrjWDRJujhjqVlo 5Y499cgVJA/4xWyeM3y3uKEVIWAiIBOd0Tf2BheFu4Y9Hx/NG7Qa4/rfQHr5t77aryIU srww==
X-Gm-Message-State: ABy/qLZULEnzpp7YSfrMbsOF7Db9Dw+Vxfc6gW7EtUJHtkjI2fXVUhb1 N49ory/O4GI+cXA1vAOnBY5BO44HjGg=
X-Google-Smtp-Source: APBJJlE4H8XjIeShC5+jMRhUoPxEOOxWGroNe9Dd0h6KcIt/xJgbjzs08MtyRPrFkwDsjKjenWMLXQ==
X-Received: by 2002:a05:6402:7c2:b0:522:3cf4:9d86 with SMTP id u2-20020a05640207c200b005223cf49d86mr7688690edy.33.1690810859429; Mon, 31 Jul 2023 06:40:59 -0700 (PDT)
Received: from smtpclient.apple (2a02-a468-ca02-2-99be-7a6b-62c6-cd0a.fixed6.kpn.net. [2a02:a468:ca02:2:99be:7a6b:62c6:cd0a]) by smtp.gmail.com with ESMTPSA id v15-20020aa7dbcf000000b0050488d1d376sm5432451edt.0.2023.07.31.06.40.58 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 31 Jul 2023 06:40:59 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6\))
From: James <james.ietf@gmail.com>
In-Reply-To: <faaa36f1eb5a431796e3ee927072ca36@ukr.de>
Date: Mon, 31 Jul 2023 15:40:48 +0200
Cc: "ntp@ietf.org" <ntp@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <CE89523E-61D4-4852-920D-917B9AFC05AF@gmail.com>
References: <169064555203.48214.10785823343496948104@ietfa.amsl.com> <faaa36f1eb5a431796e3ee927072ca36@ukr.de>
To: "Windl, Ulrich" <u.windl@ukr.de>
X-Mailer: Apple Mail (2.3731.700.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/JO4CpHAG8h5BSmiFS6ie2eRGRmg>
Subject: Re: [Ntp] [EXT] I-D Action: draft-ietf-ntp-ntpv5-requirements-02.txt
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Jul 2023 13:41:02 -0000
Thanks for the review, responses inline. Anything with a hash and number (e.g. #16) is reference to a Github Issue I've raised in my repository [1], and I would kindly suggest any deeper discussions on specific points happen there to make it easier to track as there are so many points raised. - J 1: https://github.com/fiestajetsam/draft-gruessing-ntp-ntpv5-requirements/issues > On 31 Jul 2023, at 09:38, Windl, Ulrich <u.windl@ukr.de> wrote: > > Hi! > > I find the part " particularly where the network is unable to offer or does not require PTP [IEEE-1588-2019], " rather confusing: What is the relation to NTP there? > Likewise for " such as customer-premises equipment where reduced accuracy may be tolerable": It may be, or not. I think this is just speculation. The relation is that there are many deployments of NTP where time synchronisation is required, but PTP is not possible. This is part of introductory text setting the theme for the various places where NTP exists today, and I think acknowledging that NTP is used instead of other protocols is useful. Do you have a suggestion on how this could be more clear or appropriate? (#40) > For " 3.1. Denial of Service and Amplification" I'd start the section with a sentence explaining that the UDP protocol can be misused for packet injection and packet redirection, and when a response is longer than a request it can be used as traffic amplification attack as well. Thus extra security measures have to be applied to prevent such (maybe also add a reference to some RFC dealing with that subject). Just listing "private mode" as culprit seems a bit biased IMHO. Private mode was just the first obvious thing that came to mind. (#24) > For " The risk that an on-path attacker can delay" it could read "... systematically delay" instead, meaning that a single random delay will likely be detected and handled by the protocol. Agreed. (#27) > For " 3.3. False Time" it's not obvious how " consideration should also be made for hardware-based timestamping " will help. This refers to my point further down around issues previously raised with respect to applying cryptography to all timestamps. (#29) > Should packet replays be mentioned there, too? I don't know enough to consider this, could you please make some suggestive text of what might be included? (#25) > On " 4. Requirements": Is (remote) "monitoring" definitely no longer a requirement? I'm not sure this was ever an explicit requirement - and I'm unable to find it in previous versions of the document. Could you please provide some more clarity on what you mean by this? (#31) > On " servers receiving large amounts of unauthorised traffic [ntp-misuse] and the design of NTPv5 must ensure the risk of these can be minimized.": I think NTP cannot minimize the risk of such things (large amount of unauthorized traffic) to happen, but it can (or at least try to) _handle_ the situation properly. I disagree, the design of NTPv5 could minimise (but not 100% mitigate) large amounts of unauthorised traffic. I'm happy to consider any better ways of phrasing this sentence you'd like to suggest. (#28) > Isn't it preferable to use _positive_ requirements instead of negative ones? For example: Instead of " The protocol's loop avoidance mechanisms SHOULD NOT use identifiers tied to network topology." Why not " The protocol's loop avoidance mechanisms SHOULD be able to use identifiers that change over time. "? In the example you gave specifically the use of SHOULD NOT was chosen to prevent certain behaviours rather than enable the specification and thus implementations. On reading it again, I would propose actually stronger language, perhaps "The protocol's loop avoidance mechanisms MUST be able to use identifiers that change over time and are not tied to network topology". Do you agree or do you have a different suggestion? (#17) > On " The protocol MUST have the capability for servers to notify clients that the service is unavailable": I think it should be mentioned that clients deliberately ignoring such signaling SHOULD (or MUST) be handled accordingly (still to be defined or at least suggested how to). Agreed, however do you have any suggestions on how the protocol should handle this? (#20) > Think this section is rather confusing: " Clients SHOULD periodically re-establish connections with servers to prevent attempting to maintain connectivity to a dead host and give network operators the ability to move traffic away from hosts in a timely manner": What is the relationship between clients querying servers and network operators moving traffic? Good point, in some cases the time service provider is also the network provider (e.g. ISPs) but not always. I'll try to rephrase it to be clearer. (#37) > On " MAY be supported and SHOULD NOT be required": it's redundant (both says the same). What I'm trying to say is that broadcast/symmetric modes "MAY be supported in the protocol specification and SHOULD NOT be required of implementations". (#30) > I would re-phrase (too much in one sentence IMHO): " To minimise ongoing use of deprecated fields and exposing identifying information of implementations and deployments payload formats SHOULD use the least amount of fields and information where possible, favouring the use of extensions to transmit optional data." Any suggestions you have would be warmly welcome. (#33) > On " Signalling of algorithm use or preference SHOULD NOT be transmitted by servers." I'd add that the algorithm does not have to be specified (enumerated), but the essential properties of the algorithm MUST (or SHOULD) be obvious (like precision, etc.). I don't feel overly strong about this - ideally we'd want every algorithm to use the same basic properties, and otherwise use extensions. (#32) > On " to allow for implementations to more easily support both versions of the protocol." "more easily than WHAT?" The full sentence as of -02 reads: > Ideally [NTPv5] should be similar or identical to the existing epoch and data model that NTPv4 defines to allow for implementations to more easily support both versions of the protocol. The implication is that changing the data model, epoch etc across versions would require more business logic and code for implementations. Do you have a suggestion on how this could be better described? (#26) This is also connected with my comment further down around analysis of dependant specifications. (#35) > Maybe re-phrase " UTC and TAI [TF.460-6]." To " UTC (the current timescale up to NTPv4) and TAI [TF.460-6]. (a possible future timescale starzing at NTPv5)" I struggle to see the benefit of this inclusion, but also don't have strong opinions against it. (#22) > On " all transmissions of time data SHALL indicate the timescale in use.": Why not "MUST"? I think the decisions around this were to give room for the discussions earlier over what timescales are supported by the protocol - if there's only ever one timescale transmitted and other representations are derived separately, mandatory inclusion of timescale identification is arguably not necessary. Based on how that subject has changed it'll get updated. (#16) > Why use " greater than 1 calendar day" and not "greater than 24 hours in linear timescale"? This was phrased as such because it fits in line with how I see people talking and describing NTPv4's LI field, and also how leap seconds are announced. Of what benefit would there be for the reader if we used your suggestion? (#38) > On " Smearing of leap seconds": Should there be some reference when "smearing" occurs first? > > On " the protocol MUST support servers transmitting both": It's not clear what "both" actually is. > > Also the requirement that the exact smearing algorithm MUST be specified is missing IMHO. Agreed on the first two points, however the third based on prior list discussions remains somewhat unclear - are we expecting the protocol to transmit the smearing algorithm in-band, or use an IANA registry for a list, etc? (#19) > On " ossification of the protocol": I'm unsure everybody understands what that is intended to mean. This could use a bit more description as well as an informative ref to RFC 9065. (#18) > On " Servers that support multiple versions of NTP must send a response in the same version": Why not MUST? Agreed. (#23) > On " Many other documents make use of NTP's data formats ([RFC5905] Section 6) for representing time, notably for media and packet timestamp measurements.": It's not clear what those "other" (non-NTP?) documents are, and how they would be affected when the NTP timestamp format would change. I discussed this at IETF 112 after analysing every reference I could find to NTPv4 and related RFCs. Do you think I should specifically cover all those documents potentially impacted? (#35) https://youtu.be/X1plw3TXW5g?t=1239 https://datatracker.ietf.org/meeting/112/materials/slides-112-ntp-ntpv5-requirements-00.pdf > On " Unknown extensions received by a server from a lower stratum server SHALL not be added to response messages sent by the server receiving these extensions.": Isn't the part " sent by the server receiving these extensions " completely redundant?: A "response" is specific to a request, isn't it? I think you're right, this is just clumsy editing on my behalf. (#34) > On " Data authentication and optional data confidentiality MUST be integrated into the protocol": Isn't that missing the most important "integrity"? In ways data authentication brings the assertion of integrity with it - if the payload has lost integrity due to modification, then it can't be authenticated. Consider a hashing function like SHA can assert integrity, but a HMAC asserts both integrity as well as authentication. Do you think this should be written in a different manner? (#35) > Why not rephrase " Cryptographic agility" to "Upgrading cryptographic algorithms"? Agreed. (#21) > On " Intermediate devices such as hardware capable of performing timestamping of packets SHOULD be able to add information to packets in flight without requiring modification or removal of authentication or confidentiality on the packet.": shouldn't it be preferable to integrity-protect these, too? Here it's not clear whther such hardware will replace a timestamp in a packet or will add some extension field to a packet. In the latter case one could also add a MAC built from the existing MAC and the new timestamp. So the receiver could check both MACs: If the additional MAC fails, it would ignore the hardware timestamp and continue checking the original MAC... This was discussed in the past on list, and there were concerns from people about the overheads of doing so - both in terms of the cryptographic cost impacting precision, as well as complexity. I also don't think this text prevents it, even if we're not prescriptive how. Given this, do you still think this should be changed to be stronger wording? (#29) https://mailarchive.ietf.org/arch/msg/ntp/TzGA8SMpERhrhQDnMhz0Iv_Pp-w/ > Should some kind of "boot protocol" be part of the specification? Meaning: If the client has no idea what the current time is, how can the "chicken-egg paradoxon" be solved (time required to check authentication, authentic responses needed to trust the time sent). I think in times of "IoT" this might be an important aspect (in the past "servers" had a battery backed up clock, or a trusted operator that sets/verifies/checks the clock on boot). I'm not sure that is a specification requirement but solely a consideration for implementations and deployments. I think this should stay out of scope of the protocol specification, and instead the WG at a later point in time consider a best practices document that addresses this subject in more depth. Do you agree? (#39) > Kind regards, > Ulrich
- [Ntp] I-D Action: draft-ietf-ntp-ntpv5-requiremen… internet-drafts
- Re: [Ntp] [EXT] I-D Action: draft-ietf-ntp-ntpv5-… Windl, Ulrich
- Re: [Ntp] [EXT] I-D Action: draft-ietf-ntp-ntpv5-… James
- Re: [Ntp] I-D Action: draft-ietf-ntp-ntpv5-requir… Miroslav Lichvar
- Re: [Ntp] I-D Action: draft-ietf-ntp-ntpv5-requir… James