Re: [Ntp] Antwort: Antw: [EXT] Re: NTPv5 draft
Miroslav Lichvar <mlichvar@redhat.com> Mon, 14 December 2020 12:31 UTC
Return-Path: <mlichvar@redhat.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3EF43A07D3 for <ntp@ietfa.amsl.com>; Mon, 14 Dec 2020 04:31:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.198
X-Spam-Level:
X-Spam-Status: No, score=-0.198 tagged_above=-999 required=5 tests=[DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5SH6R7utZ02I for <ntp@ietfa.amsl.com>; Mon, 14 Dec 2020 04:31:37 -0800 (PST)
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41BE93A1047 for <ntp@ietf.org>; Mon, 14 Dec 2020 04:31:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1607949096; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=uGWA72WrDg3orOGYE2sbnjyjv60BsTUyO5ePImdLHJQ=; b=dqy2s7oOzaq+c+VEwg+ejlyd2Ym4exgAv0W5l5B30Otaum3E11q05vL+eB2r2k24Kt862w 9coaX6QllnhFTdnkBK+o7FYmhOd663f0WbdBuwRGQurCon+JBkiNwHTdS8iv70+JcWL2Px 9L1Dn8y7EgGbTU7HkxGR1Cy/eX5hrQY=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-466-Q9yjgc_tN6S6TtQSUB01hQ-1; Mon, 14 Dec 2020 07:31:31 -0500
X-MC-Unique: Q9yjgc_tN6S6TtQSUB01hQ-1
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 26DE5800D55; Mon, 14 Dec 2020 12:31:30 +0000 (UTC)
Received: from localhost (holly.tpb.lab.eng.brq.redhat.com [10.43.134.11]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C48B73480B; Mon, 14 Dec 2020 12:31:28 +0000 (UTC)
Date: Mon, 14 Dec 2020 13:31:27 +0100
From: Miroslav Lichvar <mlichvar@redhat.com>
To: kristof.teichel@ptb.de
Cc: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>, "ntp@ietf.org" <ntp@ietf.org>, Dieter Sibold <dsibold.ietf@gmail.com>, james.ietf@gmail.com, Rich Salz <rsalz=40akamai.com@dmarc.ietf.org>
Message-ID: <20201214123127.GE2540645@localhost>
References: <20201208150725.GX2352378@localhost> <6d7daa5e-8537-a3a5-a5c3-2468be4c2918@gmail.com> <20201209083800.GY2352378@localhost> <bcec8d14-9af9-96c1-7e71-39569cb7b0ed@gmail.com> <51D0EEC3-F30E-4A0F-9DBA-B8D2A8CFA959@akamai.com> <42E7D41602000042824A10E1@gwsmtp.uni-regensburg.de> <18374174020000D46A6A8CFC@gwsmtp.uni-regensburg.de> <1C64D458020000B5824A10E1@gwsmtp.uni-regensburg.de> <A4CD014B020000F57BE0EBB5@gwsmtp.uni-regensburg.de> <OFE90AD9EF.CD8E14CE-ONC125863A.0036599D-C125863A.003A796E@ptb.de>
MIME-Version: 1.0
In-Reply-To: <OFE90AD9EF.CD8E14CE-ONC125863A.0036599D-C125863A.003A796E@ptb.de>
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=mlichvar@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/Ml5tCXjDOOOhNWSav9T-koc_ltY>
Subject: Re: [Ntp] Antwort: Antw: [EXT] Re: NTPv5 draft
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Dec 2020 12:31:39 -0000
On Thu, Dec 10, 2020 at 11:38:41AM +0100, kristof.teichel@ptb.de wrote: > It seems to me that the answer is clearly that NTPv5 should natively make > available security that is strong (enough), as well as easy to deploy and > use. > I do not agree with the train of thought that because some users don't > strictly need security for their use case, security should be disabled by > default. I asked if the specification should recommend use of authentication, but Dieter said it's not good enough. I don't think it should require the use of authentication, but even if it did, it wouldn't change security of the protocol itself. I think it's really up to the implementations and their default configurations. There is not much we can do about it in a protocol specification. > 1) First of all, this only makes abstract sense to me as a conclusion if > security enabled by default comes at significant cost - and I think we can > prevent this from being true, specifically by investing work into support > of a "two-step" message format, where all security (and, honestly, most > information overall) is only included in the "follow-up" message; then > security being enabled really has zero extra cost (apart from everything > being more accurate overall). NTP is used everywhere. Some hardware doesn't have enough memory/storage to support TLS/NTS. Some computers don't have an RTC or cannot be assumed to start with correct time to be able to validate certificates. Symmetric keys may not be practical. There are other costs, like the complexity of implementation and its attack surface. NTS is much more complex than NTP. It's more likely to have security issues, either in the protocol (TLS) or the implementation. The threat model with simple unauthenticated NTP is well understood. > 2) Second of all, I think these use cases (where users don't need security > because they are using NTP in a closed controlled network) are the > exception rather than the norm. The majority of NTP traffic is going to > happen over the open internet, and security should pretty much > unconditionally be used in that scenario. I agree secure NTP should be the norm, but the protocol shouldn't try to enforce it. > As kind of an aside @Miroslav: I don't think anyone is claiming that > NTPv4+NTS has a security issue in the sense that it does not provide > adequate security when used (otherwise I really would like to explicitly > hear such concerns!). Rich seems to be saying that if NTPv5 was redesigned for security, it would be different from NTPv4 or the proposed NTPv5. I don't see how. NTS in NTP is basically just an AEAD that authenticates and sometimes encrypts the NTP data. It doesn't matter what it actually is protecting, right? As long as the protocol allows all data to be protected, there is no issue with security, e.g. downgrade attacks. With NTS all security negotiation happens separately over TLS. NTP is just a payload. > Changing to NTPv5 provides just that opportunity. We can simply > standardize that security (with NTS) be enabled. What exactly do you suggest for the document to say? > TL;DR: I'm in favor of security being enabled by default in NTPv5 and > using NTS to realize that. It presents an opportunity to massively > increase the use of security in NTP traffic. If we believe that the cost > is too great for some use cases, let us focus our energy on reducing it, > instead of letting the opportunity go to waste! I doubt NTPv5 can change the adoption of NTS. I'd say currently the biggest issues are the dependency on time for certificate validation and lack of support in pool.ntp.org. There is nothing NTPv5 can do about that. -- Miroslav Lichvar
- [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Dieter Sibold
- Re: [Ntp] NTPv5 draft Kurt Roeckx
- Re: [Ntp] NTPv5 draft Steven Sommars
- Re: [Ntp] NTPv5 draft Doug Arnold
- Re: [Ntp] NTPv5 draft Salz, Rich
- Re: [Ntp] NTPv5 draft Philip Prindeville
- Re: [Ntp] NTPv5 draft Philip Prindeville
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- Re: [Ntp] Antw: [EXT] Re: NTPv5 draft Miroslav Lichvar
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- Re: [Ntp] NTPv5 draft Kurt Roeckx
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] Antw: [EXT] Re: NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft James
- [Ntp] Antw: Re: Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Dieter Sibold
- Re: [Ntp] Antw: Re: Antw: [EXT] Re: NTPv5 draft Hal Murray
- Re: [Ntp] Antw: Re: Antw: [EXT] Re: NTPv5 draft Miroslav Lichvar
- Re: [Ntp] Antw: Re: Antw: [EXT] Re: NTPv5 draft Hal Murray
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Kurt Roeckx
- Re: [Ntp] NTPv5 draft Hal Murray
- [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: NTPv5 d… Ulrich Windl
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- Re: [Ntp] NTPv5 draft Doug Arnold
- Re: [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: NTP… Hal Murray
- Re: [Ntp] Antw: [EXT] Re: NTPv5 draft Salz, Rich
- Re: [Ntp] Antw: [EXT] Re: NTPv5 draft Doug Arnold
- Re: [Ntp] Antw: [EXT] Re: NTPv5 draft Kurt Roeckx
- Re: [Ntp] NTPv5 draft Hal Murray
- Re: [Ntp] NTPv5 draft Doug Arnold
- Re: [Ntp] NTPv5 draft Dieter Sibold
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Salz, Rich
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Salz, Rich
- Re: [Ntp] NTPv5 draft James
- Re: [Ntp] NTPv5 draft Warner Losh
- Re: [Ntp] NTPv5 draft Philip Prindeville
- Re: [Ntp] NTPv5 draft Hal Murray
- Re: [Ntp] NTPv5 draft Warner Losh
- Re: [Ntp] NTPv5 draft Salz, Rich
- Re: [Ntp] NTPv5 draft Hal Murray
- Re: [Ntp] NTPv5 draft Hal Murray
- Re: [Ntp] NTPv5 draft Philip Prindeville
- Re: [Ntp] NTPv5 draft Doug Arnold
- Re: [Ntp] NTPv5 draft Doug Arnold
- Re: [Ntp] NTPv5 draft Doug Arnold
- Re: [Ntp] NTPv5 draft Philip Prindeville
- Re: [Ntp] NTPv5 draft Hal Murray
- Re: [Ntp] NTPv5 draft Hal Murray
- Re: [Ntp] NTPv5 draft Salz, Rich
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Salz, Rich
- Re: [Ntp] NTPv5 draft Marcus Dansarie
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Salz, Rich
- Re: [Ntp] NTPv5 draft James
- Re: [Ntp] NTPv5 draft Magnus Danielson
- Re: [Ntp] NTPv5 draft Warner Losh
- Re: [Ntp] NTPv5 draft Magnus Danielson
- Re: [Ntp] NTPv5 draft Warner Losh
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Magnus Danielson
- Re: [Ntp] NTPv5 draft James
- Re: [Ntp] NTPv5 draft Salz, Rich
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl
- [Ntp] Antwort: Antw: [EXT] Re: NTPv5 draft kristof.teichel
- Re: [Ntp] Antwort: Antw: [EXT] Re: NTPv5 draft Hal Murray
- Re: [Ntp] NTPv5 draft James
- Re: [Ntp] Antwort: Antw: [EXT] Re: NTPv5 draft Miroslav Lichvar
- Re: [Ntp] NTPv5 draft Miroslav Lichvar
- Re: [Ntp] Antwort: Antw: [EXT] Re: NTPv5 draft Christer Weinigel