Re: [Ntp] NTPv5 draft

Doug Arnold <doug.arnold@meinberg-usa.com> Mon, 30 November 2020 22:13 UTC

From: Doug Arnold <doug.arnold@meinberg-usa.com>
To: Dieter Sibold <dsibold.ietf@gmail.com>, Miroslav Lichvar <mlichvar@redhat.com>
CC: "ntp@ietf.org" <ntp@ietf.org>
Date: Mon, 30 Nov 2020 22:12:56 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/ND5eDkR9qh0gEeHy4uf6w6jtVVI>

RE security: 
I think that there is a possibility of a non-safety-critical closed network application of NTP that does not need security.  Especially if the client has a limited processor implementation.  I don't know, a golf course watering system or something.

Mandatory or not, I think that security should be added to the protocol as an extension field, and described in another document.  Security mechanisms change frequently.  I think that there is a good chance that we, or someone, will define a successor to NTS within 10 years.  But the over-the-wire NTP specification might last longer.  One of the virtues of Miroslav's proposal is that the minimum ptp message and protocol are simple and everything else is an extension.

Doug

On 11/30/20, 2:12 PM, "ntp on behalf of Dieter Sibold" <ntp-bounces@ietf.org on behalf of dsibold.ietf@gmail.com> wrote:

    Hi Miroslav

    Many thanks for your NTPv5 proposal.

    With my working group chair’s hat off!

    I have the following comments:


    1. Security

    The protocol as proposed is missing a security approach. There are no 
    mechanisms described to provide authentication, integrity protection and 
    maybe encryption. I very much agree with James’s proposed draft that a
    new version of NTP must provide these mechanisms by default.  Sure, you 
    can add NTS to protect the NTPv5 packets. But in this case protection is 
    always an optional add-on whereas it needs to be an inherent part of the 
    basic protocol. To achieve this the NTS approach certainly can be 
    transferred to the basic v5 protocol and packet format.




    2. Interleave and 2-Step

    I agree with Doug to decide which approach to provide with NTPv5.
    Providing both 2-Step and Interleave may increase complexity 
    unnecessarily. Personally, I find that the 2-step approach with the 
    follow-up message is more concise. And since the first message only needs
    to be very small (it just needs to contain the information to ensure 
    correlation with the follow up) the waste of network bandwidth is very 
    small.



    3. Traceability

    It would make sense that the v5-packets optionally provide information 
    about the uncertainty of the timestamps taken. These formally for 
    establishing traceability. Additionally, in order to maintain 
    traceability during the time period in which leap smearing is applied 
    the client needs to obtain the necessary information to calculate the 
    offset between UTC and smeared time. This also is mandatory to maintain 
    traceability.


    Dieter









    On 11 Nov 2020, at 17:19, Miroslav Lichvar wrote:

    > As promised at the previous meetings, I wrote an NTPv5 draft. It's
    > based on the proposal I sent to this list a few months ago, with a few
    > improvements like timestamp fields separated from cookies, etc. It
    > still needs a lot of work to be able to stand on its own, but I think
    > it should be good enough for people here to understand how it is
    > intended to work.
    >
    > It's too late to submit it for the upcoming meeting. Here is a link to
    > a txt version if anyone would like to read it and discuss it here:
    >
    > https://gist.github.com/mlichvar/2bee94a706d60da9ca88d712afef083e
    >
    > -- 
    > Miroslav Lichvar
    >
    > _______________________________________________
    > ntp mailing list
    > ntp@ietf.org
    > https://www.ietf.org/mailman/listinfo/ntp
