Re: [ntpwg] Antw: Re: Antw: Re: call for adoption (draft-dfranke-ntp-data-minimization)

Harlan Stenn <stenn@nwtime.org> Tue, 28 March 2017 07:38 UTC

To: ntpwg@lists.ntp.org
References: <CA564C5C-6CED-4810-BA2F-5433F2525249@isoc.org> <20170327133842.GK8192@localhost> <58D9FD22020000A1000255AD@gwsmtp1.uni-regensburg.de> <4cff4cd7-1eec-0e72-b235-1a8d65fc7fc4@nwtime.org> <58DA0F83020000A1000255CF@gwsmtp1.uni-regensburg.de>
From: Harlan Stenn <stenn@nwtime.org>
Message-ID: <86fab54e-c328-a8ea-582a-fa5d7763ff1d@nwtime.org>
Date: Tue, 28 Mar 2017 00:38:04 -0700
In-Reply-To: <58DA0F83020000A1000255CF@gwsmtp1.uni-regensburg.de>
Subject: Re: [ntpwg] Antw: Re: Antw: Re: call for adoption (draft-dfranke-ntp-data-minimization)


On 3/28/17 12:23 AM, Ulrich Windl wrote:
>> https://datatracker.ietf.org/doc/html/draft-dfranke-ntp-data-minimization
>> 
> 
> I'd suggest moving the explanation for transmit time randomization
> from "security considerations" to the actual proposal. Also, with 11
> to 14 bits of randomness for today's clients, I wonder whether sending
> a bunch of 2000 to 16000 bad response packets will remain undetected
> by the client (in case of an attack). IMHO it would be consistent to
> set precision to 3 (the lowest possible precision (0.125s) where NTP
> will start to work) and use 29 bits of randomness then. Still, a half
> billion attack packets might transit without being detected, but I
> doubt that.

The NTP Project's software will alert whenever an unexpected origin
timestamp arrives.  So if you start seeing thousands of these arrive you
have knowledge that a bad guy is spoofing you to your server.

Also, for client responses, the "gate" for using this is pretty short -
it's the window between sending the initial request to the server, and
the time the response comes back.

I'm back to wondering how this is not a "tempest in a teapot".

-- 
Harlan Stenn <stenn@nwtime.org>
http://networktimefoundation.org - be a member!

_______________________________________________
ntpwg mailing list
ntpwg@lists.ntp.org
http://lists.ntp.org/listinfo/ntpwg
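An added model (not code from the draft or the NTP Project) of the client-side check discussed in this exchange: the client randomizes the fraction bits below its advertised precision, a reply is accepted only while the request "gate" is open and only if its origin timestamp echoes the exact value sent, and every mismatch is counted so a burst of guesses becomes visible. The precision argument is the signed NTP precision field (so the 0.125 s case is -3); the alert threshold and the spoof-burst scenario are constructed.

```python
import secrets

FRAC_BITS = 32  # an NTP timestamp carries a 32-bit fraction of a second


def random_bits_for_precision(precision: int) -> int:
    """Fraction bits below the advertised precision (2**precision s).
    -21 -> 11 bits, -18 -> 14 bits, -3 (0.125 s) -> 29 bits."""
    return max(0, min(FRAC_BITS, FRAC_BITS + precision))


def guess_space(precision: int) -> int:
    """Origin-timestamp values a spoofer must cover to hit the open gate."""
    return 1 << random_bits_for_precision(precision)


def randomize_transmit_timestamp(ts: int, precision: int) -> int:
    """Replace the low-order bits of a 64-bit NTP timestamp with random bits."""
    bits = random_bits_for_precision(precision)
    mask = (1 << bits) - 1
    return (ts & ~mask) | (secrets.randbits(bits) if bits else 0)


class ClientMonitor:
    """One client association: tracks the open request gate and counts
    replies whose origin timestamp does not match what was sent."""

    def __init__(self, precision: int, alert_after: int = 10):
        self.precision, self.alert_after = precision, alert_after
        self.pending = None   # expected origin timestamp while a request is in flight
        self.unexpected = 0   # replies rejected for a bad origin timestamp
        self.alerts = 0       # hook for logging/telemetry in a real client

    def send_request(self, now_ts: int) -> int:
        self.pending = randomize_transmit_timestamp(now_ts, self.precision)
        return self.pending

    def receive_response(self, origin_ts: int) -> bool:
        """True if accepted; a mismatch is counted and may raise an alert."""
        if self.pending is not None and origin_ts == self.pending:
            self.pending = None  # gate closes on the first matching reply
            return True
        self.unexpected += 1
        if self.unexpected % self.alert_after == 0:
            self.alerts += 1
        return False


def simulate_spoof_burst(precision: int, guesses: int, now_ts: int = 0xE4F0000000000000) -> dict:
    """Constructed scenario: sequential origin guesses arrive inside the gate."""
    mon = ClientMonitor(precision)
    base = mon.send_request(now_ts) & ~(guess_space(precision) - 1)
    accepted = sum(mon.receive_response(base | i) for i in range(guesses))
    return {"accepted": accepted, "rejected": mon.unexpected, "alerts": mon.alerts}
```

With 11 random bits a 2048-packet burst hits once and leaves 2047 counted rejections; with 29 bits the same burst almost certainly hits nothing and still leaves the same trail.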