Re: [Ntp] Encrypted NTS cookie placeholder

Martin Langer <mart.langer@ostfalia.de> Wed, 29 January 2020 12:57 UTC

Return-Path: <mart.langer@ostfalia.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 685BC12011C for <ntp@ietfa.amsl.com>; Wed, 29 Jan 2020 04:57:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UncaXxxFvErG for <ntp@ietfa.amsl.com>; Wed, 29 Jan 2020 04:57:24 -0800 (PST)
Received: from mx1.sonia.de (mx1.sonia.de [141.41.1.237]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D65841200F5 for <ntp@ietf.org>; Wed, 29 Jan 2020 04:57:23 -0800 (PST)
Received: from mx1.sonia.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 1C4EA1C800F7 for <ntp@ietf.org>; Wed, 29 Jan 2020 13:57:22 +0100 (CET)
Received: from exchange05.resource.sonia.de (exchange05.resource.sonia.de [141.41.8.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.sonia.de (Postfix) with ESMTPS id 19A771C800EC for <ntp@ietf.org>; Wed, 29 Jan 2020 13:57:21 +0100 (CET)
To: <ntp@ietf.org>
References: <20200129101442.GJ20504@localhost>
From: Martin Langer <mart.langer@ostfalia.de>
Message-ID: <5211fcff-ee87-fc14-24a8-b709434d4f9f@ostfalia.de>
Date: Wed, 29 Jan 2020 13:57:21 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.4.2
MIME-Version: 1.0
In-Reply-To: <20200129101442.GJ20504@localhost>
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Originating-IP: [141.41.8.54]
X-ClientProxiedBy: exchange03.resource.sonia.de (141.41.8.36) To exchange05.resource.sonia.de (141.41.8.147)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/OArhsvQkcVvkapQwReoxAP95xbs>
Subject: Re: [Ntp] Encrypted NTS cookie placeholder
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jan 2020 12:57:27 -0000

Thanks for this information.

My implementation doesn't support encrypted NTS Cookie Placeholder right 
now.
Looks like I forgot this scenario. Thanks ;)

best regards,
Martin


Am 29.01.2020 um 11:14 schrieb Miroslav Lichvar:
> I noticed an interoperability issue with NTS servers that people here
> have been using for testing.
>
> The draft says in 5.7:
> The client MAY include one or more NTS Cookie Placeholder extension
> fields which MUST be authenticated and MAY be encrypted.
>
> But that doesn't seem to be supported by most of the servers. Some
> ignore encrypted Placeholders (sending a shorter response) and some
> don't even respond to such a request. The implementors may want to
> check that.
>

-- 
Martin Langer, M.Eng.
Ostfalia Hochschule für angewandte Wissenschaften
- Hochschule Braunschweig/Wolfenbüttel
University of Applied Sciences

Labor Datentechnik, Labor Design Digitaler Systeme
Fakultät Elektrotechnik
Salzdahlumer Straße 46/48
38302 Wolfenbüttel
Germany

Tel. : +49 5331 939 43370
Web  : https://www.ostfalia.de/cms/de/pws/bermbach/mitarbeiter/martin-langer