Re: [Ntp] Encrypted NTS cookie placeholder
Martin Langer <mart.langer@ostfalia.de> Wed, 29 January 2020 12:57 UTC
Return-Path: <mart.langer@ostfalia.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 685BC12011C for <ntp@ietfa.amsl.com>; Wed, 29 Jan 2020 04:57:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UncaXxxFvErG for <ntp@ietfa.amsl.com>; Wed, 29 Jan 2020 04:57:24 -0800 (PST)
Received: from mx1.sonia.de (mx1.sonia.de [141.41.1.237]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D65841200F5 for <ntp@ietf.org>; Wed, 29 Jan 2020 04:57:23 -0800 (PST)
Received: from mx1.sonia.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 1C4EA1C800F7 for <ntp@ietf.org>; Wed, 29 Jan 2020 13:57:22 +0100 (CET)
Received: from exchange05.resource.sonia.de (exchange05.resource.sonia.de [141.41.8.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.sonia.de (Postfix) with ESMTPS id 19A771C800EC for <ntp@ietf.org>; Wed, 29 Jan 2020 13:57:21 +0100 (CET)
To: ntp@ietf.org
References: <20200129101442.GJ20504@localhost>
From: Martin Langer <mart.langer@ostfalia.de>
Message-ID: <5211fcff-ee87-fc14-24a8-b709434d4f9f@ostfalia.de>
Date: Wed, 29 Jan 2020 13:57:21 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.4.2
MIME-Version: 1.0
In-Reply-To: <20200129101442.GJ20504@localhost>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Originating-IP: [141.41.8.54]
X-ClientProxiedBy: exchange03.resource.sonia.de (141.41.8.36) To exchange05.resource.sonia.de (141.41.8.147)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/OArhsvQkcVvkapQwReoxAP95xbs>
Subject: Re: [Ntp] Encrypted NTS cookie placeholder
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jan 2020 12:57:27 -0000
Thanks for this information. My implementation doesn't support encrypted NTS Cookie Placeholder right now. Looks like I forgot this scenario. Thanks ;) best regards, Martin Am 29.01.2020 um 11:14 schrieb Miroslav Lichvar: > I noticed an interoperability issue with NTS servers that people here > have been using for testing. > > The draft says in 5.7: > The client MAY include one or more NTS Cookie Placeholder extension > fields which MUST be authenticated and MAY be encrypted. > > But that doesn't seem to be supported by most of the servers. Some > ignore encrypted Placeholders (sending a shorter response) and some > don't even respond to such a request. The implementors may want to > check that. > -- Martin Langer, M.Eng. Ostfalia Hochschule für angewandte Wissenschaften - Hochschule Braunschweig/Wolfenbüttel University of Applied Sciences Labor Datentechnik, Labor Design Digitaler Systeme Fakultät Elektrotechnik Salzdahlumer Straße 46/48 38302 Wolfenbüttel Germany Tel. : +49 5331 939 43370 Web : https://www.ostfalia.de/cms/de/pws/bermbach/mitarbeiter/martin-langer
- [Ntp] Encrypted NTS cookie placeholder Miroslav Lichvar
- Re: [Ntp] Encrypted NTS cookie placeholder Martin Langer
- Re: [Ntp] Encrypted NTS cookie placeholder Hal Murray
- Re: [Ntp] Encrypted NTS cookie placeholder Miroslav Lichvar