[Ntp] Re: Grease in Roughtime
kristof.teichel@ptb.de Wed, 25 September 2024 07:39 UTC
Return-Path: <kristof.teichel@ptb.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56ADEC14F6EF for <ntp@ietfa.amsl.com>; Wed, 25 Sep 2024 00:39:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ptb.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MRqnWvdWiJVt for <ntp@ietfa.amsl.com>; Wed, 25 Sep 2024 00:38:56 -0700 (PDT)
Received: from mx1.bs.ptb.de (mx1.bs.ptb.de [192.53.103.120]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9CC15C1E0D7E for <ntp@ietf.org>; Wed, 25 Sep 2024 00:38:54 -0700 (PDT)
Received: from s23397.bs.ptb.de ([172.21.101.132]) by mx1.bs.ptb.de with ESMTP id 48P7cp5X032389-48P7cp5Z032389 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK); Wed, 25 Sep 2024 09:38:51 +0200
In-Reply-To: <f8989896-0846-415c-8837-abcc0c1acfbd@dansarie.se>
References: <CAPz_-SUY9egByeG+cSHXFqbc6XzRmkpCF7Y4QS2ud0LmOjccAA@mail.gmail.com> <55dedf3b-04f7-4efe-bb8a-6aee9554e011@dansarie.se> <OF4F731B07.08990379-ONC1258BA2.0029CC70-C1258BA2.002AB2EE@ptb.de> <f8989896-0846-415c-8837-abcc0c1acfbd@dansarie.se>
To: Marcus Dansarie <marcus@dansarie.se>
MIME-Version: 1.0
From: kristof.teichel@ptb.de
Message-ID: <OFB3552CA3.457D21B2-ONC1258BA3.0027F22C-C1258BA3.002A01DD@ptb.de>
Date: Wed, 25 Sep 2024 09:38:49 +0200
Content-Type: multipart/alternative; boundary="=_alternative 002A01DDC1258BA3_="
X-FEAS-Client-IP: 172.21.101.132
X-FE-Policy-ID: 5:5:5:SYSTEM
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=ptb.de; s=s1-ptbde; c=relaxed/relaxed; h=references:to:cc:mime-version:subject:from:message-id:date:content-type; bh=NZlL0yIPb8ZHEEytVcFIFsebGxjP5A9cU+PsfFEI0Vs=; b=ODlkwJ/lQsj7DdfT1ybRcPzdCH7TBiyR17o27RZrItS4CvAizuyKeFVVKpd4uCm2FTfx2mT3nWLr 29fL4fEXneAraUCOxQeCcMVT+6TaFug6WbGAJ2Gk70CEhJiMgNn0rxldSdUQZJubQdID+XxjFWlz qQkCZbbQHQX1x2PYEyK78UOjNs5f4Ihj2UZQqQlFusALT5os7XLW2ZbOIOHiU5K3czYMgJlrLxh/ LuwfuZLrKiU2RvovtgsG5FZl36ZL4GH4FgqRVIJS/EPbUCrhCMAMS2s3bHkszink6wrGxBCeBkpS aBRqwp9UETwpwFXvdIS6f10UZWs6PZNqGUdiZg==
Message-ID-Hash: T3KL2H5QXJQIG3OAB2WRI3OLQIL6Z4XS
X-Message-ID-Hash: T3KL2H5QXJQIG3OAB2WRI3OLQIL6Z4XS
X-MailFrom: kristof.teichel@ptb.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ntp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: ntp@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Ntp] Re: Grease in Roughtime
List-Id: Network Time Protocol <ntp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/Lv6KgbUhfplnDadQQyGpyoymKyE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Owner: <mailto:ntp-owner@ietf.org>
List-Post: <mailto:ntp@ietf.org>
List-Subscribe: <mailto:ntp-join@ietf.org>
List-Unsubscribe: <mailto:ntp-leave@ietf.org>
Hey Marcus, sorry, I just don't see how it works. I see the stated purpose: forcing client implementations to actually verify signatures rather than cheaping out and skipping that operation. I also see the stated measure: instructing server implementations to occasionally give bad time with faulty signatures. But I cannot see how the latter achieves the former. (As a side note, the stated purpose already seems weird to me: why would clients deliberately cheap out and forgo a major benefit of the whole protocol? And why would anyone else want or need to enforce that they don't? It literally only hurts the client itself) >From where I'm standing, the client implementations are still 100% free to cheap out. Sure, they will have false time if they do, but... they won't necessarily even know that, and thus not have any reason to change anything. If it is meant as a deterrent (and TBH I think anything that I won't even notice if it happens is a terrible deterrent) - wouldn't the possibility of there being an attacker already achieve that, too? It seems like we're instructing implementations to randomly behave badly for no (to me) tangible benefit. Would appreciate any help in understanding this. Besten Gruß / Kind regards, Kristof Teichel __________________________________________ Dr.-Ing. Kurt Kristof Teichel Physikalisch-Technische Bundesanstalt (PTB) Arbeitsgruppe 4.42 "Zeitübertragung" Bundesallee 100 38116 Braunschweig (Germany) Tel.: +49 (531) 592-4471 E-Mail: kristof.teichel@ptb.de __________________________________________ Von: "Marcus Dansarie" <marcus@dansarie.se> An: ntp@ietf.org Kopie: "kristof.teichel@ptb.de" <kristof.teichel@ptb.de> Datum: 24.09.2024 17:41 Betreff: Re: [Ntp] Re: Grease in Roughtime Hi Kristof, the point of greasing the signatures by providing bad time and bad signatures is to force implementations to check signatures, thereby preventing lazy implementations. Greasing signatures in this way has been in the text since Aanchal's first draft in 2019. The latest change just makes the purpose explicit. Kind regards, Marcus On 2024-09-24 09:46, kristof.teichel=40ptb.de@dmarc.ietf.org wrote: > Hi Marcus, > > thanks for doing my pull request and integrating my changes. I should > have done it earlier, but didn't. > > About the GREASE section... can you explain the thinking behind randomly > sending faulty packets? > a) How would anyone (other than the client itself) even know whether > or not the client reacted correctly (discarding a packet with > inconsistent data or an invalid signature)? > I don't think I see who would even evaluate this as a test, much > less how this could "ensure that clients validate signatures". > What am I missing here? > b) Wouldn't it make more sense to send packets with a valid timestamp > but invalid signature - so that in the case of misbehaviour (accepting > the time in spite of incorrect signature), nothing terrible would happen? > > > Besten Gruß / Kind regards, > Kristof Teichel > > __________________________________________ > > Dr.-Ing. Kurt Kristof Teichel > Physikalisch-Technische Bundesanstalt (PTB) > Arbeitsgruppe 4.42 "Zeitübertragung" > Bundesallee 100 > 38116 Braunschweig (Germany) > Tel.: +49 (531) 592-4471 > E-Mail: kristof.teichel@ptb.de > __________________________________________ > > > > Von: "Marcus Dansarie" <marcus@dansarie.se> > An: ntp@ietf.org > Datum: 23.09.2024 22:49 > Betreff: [Ntp] Re: Grease in Roughtime > ------------------------------------------------------------------------ > > > > Thanks for the comments! > > I just made a pull request on Github > (https://github.com/ietf-wg-ntp/draft-roughtime/pull/4 <https:// > github.com/ietf-wg-ntp/draft-roughtime/pull/4>) that should > clarify how grease is used in Roughtime. It also addresses most of > Martin and Kristof's comments. > > On 2024-09-17 13:52, David Venhoek wrote: >> First of all, regarding the ver tag, there is no requirement for >> servers to ignore unknown versions in that tag. this means that >> technically it is valid behavior right now for a server receiving >> unknown versions to reject that packet, even if there is version >> overlap. This seems highly undesirable > > I don't think I fully understand the problem you are describing here > however. Could you give an example? > > Kind regards, > Marcus > > _______________________________________________ > ntp mailing list -- ntp@ietf.org > To unsubscribe send an email to ntp-leave@ietf.org > > > > _______________________________________________ > ntp mailing list -- ntp@ietf.org > To unsubscribe send an email to ntp-leave@ietf.org
- [Ntp] Grease in Roughtime David Venhoek
- [Ntp] Re: Grease in Roughtime Marcus Dansarie
- [Ntp] Re: Grease in Roughtime kristof.teichel
- [Ntp] Re: Grease in Roughtime Marcus Dansarie
- [Ntp] Re: Grease in Roughtime kristof.teichel
- [Ntp] Re: Grease in Roughtime David Venhoek
- [Ntp] Re: Grease in Roughtime Marcus Dansarie
- [Ntp] Re: Grease in Roughtime Marcus Dansarie