Re: [Ntp] Call for adoption: draft-schiff-ntp-chronos

Harlan Stenn <stenn@nwtime.org> Mon, 02 September 2019 13:06 UTC

To: ntp@ietf.org
References: <599D739B-4E2B-4C4F-B265-10DA277DC4FA@isoc.org> <20190902115915.GE15024@localhost> <CAM-HxCOe1=Jn4g=p+Uj9QvzNwCq7hxZJS23Sp-hJb=MA6uNoGg@mail.gmail.com> <651c7da3-33a3-aecd-c7a7-8f1c4ec05e9a@nwtime.org> <CAM-HxCN6jDTpSL2UjhNzQM9g3xH7ja-4SozAnDT_=NzFDX4E=A@mail.gmail.com>
From: Harlan Stenn <stenn@nwtime.org>
Message-ID: <25896b73-5ac1-27ce-f88c-26bba8028a86@nwtime.org>
Date: Mon, 02 Sep 2019 06:06:03 -0700
In-Reply-To: <CAM-HxCN6jDTpSL2UjhNzQM9g3xH7ja-4SozAnDT_=NzFDX4E=A@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/KIY6P5_K9eUP9oES5L-GksgAD1U>

Am I the only person who would want to see the security guarantees at
least summarized in the draft?

I'm talking about a summary, not a pointer to some other document.

I care less about this if the draft switches to the Experimental track.

H

On 9/2/2019 6:03 AM, Neta R S wrote:
> Hi,
> 
> Chronos' security guarantees were analysed in the following paper:
> https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_02A-2_Deutsch_paper.pdf  
> (which is also referred in the draft).
> 
> Best,
> Neta
> 
> On Mon, Sep 2, 2019 at 3:55 PM Harlan Stenn <stenn@nwtime.org> wrote:
> 
>     I am opposed to the adoption of this draft as anything other than an
>     experimental proposal.
> 
>     On 9/2/2019 5:49 AM, Neta R S wrote:
>     > Hi,
>     >
>     > Chronos has a provable security guarantees compared to the current
>     > NTPv4, even when facing MitM attacker.
> 
>     What *exactly* are these provable security guarantees?
> 
>     I suspect people are drawing incorrect inferences from "provable
>     security guarantees".
> 
>     H
>     --
>     > Thus, we suggested Chronos as NTPv4 watchdog and named the draft
>     > accordingly.
>     > We'll consider your comment regarding the draft's name, but in the worse
>     > case (where the MitM controls the client's gateway) I am not sure there
>     > is a solution.
>     >
>     > Regarding Daniel's and Kristof's comments, we agree that experimental
>     > might be a more appropriate intended status.
>     >
>     > Best, 
>     > Neta
>     >
>     > On Mon, Sep 2, 2019 at 2:59 PM Miroslav Lichvar <mlichvar@redhat.com> wrote:
>     >
>     >     On Wed, Aug 28, 2019 at 05:37:10AM +0000, Karen O'Donoghue wrote:
>     >     > A Secure Selection and Filtering Mechanism for the Network Time
>     >     > Protocol Version 4
>     >     > https://datatracker.ietf.org/doc/draft-schiff-ntp-chronos/
>     >     >
>     >     > Please reply with your opinion on whether or not the working
>     >     > group should adopt this document including your willingness to
>     >     > review and contribute..
>     >
>     >     I support adoption of this draft. I would like the group to
>     >     consider using a slightly different title and more careful use of
>     >     the word "secure" in the document. The algorithms improve
>     >     resiliency against some MITM attacks, but in the worst case
>     >     security doesn't change.
>     >
>     >     --
>     >     Miroslav Lichvar
>     >
>     >     _______________________________________________
>     >     ntp mailing list
>     >     ntp@ietf.org
>     >     https://www.ietf.org/mailman/listinfo/ntp
>     >
>     >
>     >
> 
>     -- 
>     Harlan Stenn, Network Time Foundation
>     http://nwtime.org - be a Member!
> 
> 
> 
> 

-- 
Harlan Stenn, Network Time Foundation
http://nwtime.org - be a Member!