Re: [Ntp] Draft rechartering text for NTP working group

"Salz, Rich" <rsalz@akamai.com> Sun, 25 July 2021 14:17 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/P3PDibsUR7SuAgGySRLmGTSF3IQ>

I think the introduction should mention that accurate time is fundamental to implementing many important security properties, and therefore often must be (cryptographically, or otherwise) secured.

From: "odonoghue@isoc.org" <odonoghue@isoc.org>
Date: Saturday, July 24, 2021 at 8:50 AM
To: "ntp@ietf.org" <ntp@ietf.org>
Subject: [Ntp] Draft rechartering text for NTP working group

Below is draft text for the rechartering of the NTP working group. Please review and comment. This will be on the agenda for next week’s meeting.

Regards,
Karen and Dieter

Good quality time is a key component of all modern systems, devices, and applications. This quality time requires reliable and accurate network time synchronization over modern IP-based networks. The Network Time Protocols working group is focused on enhancing existing network time synchronization protocols, such as the Network Time Protocol (NTP), and specifying new network time related protocols or extensions for purposes which the existing protocols are not well suited to address.

NTP was first defined in the IETF in RFC 958 in 1985. It has been through several iterations in the IETF. The latest, NTPv4 (RFC 5905), was published in 2010. Today it is the most widely used time synchronization protocol for the synchronization of clocks of various digital systems including computers, networks, and a myriad of devices. Despite NTP's widespread success it has become apparent that it needs further development in order to adequately meet the modern requirements of time synchronization protocols and to meet the increasing security threats of the Internet.

The working group will continue to address the maintenance of NTPv4 including extensions and corrections. This includes the introduction of an interleave mode in order to enhance the accuracy of the network time synchronization and the introduction of alternative selection algorithms in order to enhance robustness against delay attacks.

Despite its increasing importance, NTP remains vulnerable to many types of attacks. Therefore, in 2020 the working group published Network Time Security (NTS) as RFC 8915. NTS extends NTP with an authentication approach to ensure authenticity of NTP time servers and protects the integrity of exchanged NTP packets. The working group will work on extending NTS to cover the remaining modes of service for NTP not covered by the initial version. The working group will also work on extending NTS for PTP(1) in collaboration with the IEEE 1588 working group.

The working group shall also develop an updated version of NTP (preliminarily known as NTPv5) addressing a number of identified weaknesses. The new specification shall comprise a set of documents, in order to distinguish between the on-wire protocol engine and the timing engine of NTP clients and servers. The updated version of NTP will address the security requirements specified in RFC 7384 and leverage the work completed in RFC 8915.

Finally, the working group will address other network time related protocols in the IETF (e.g. Roughtime).

(1) PTP is the Precision Time Protocol as defined by the IEEE 1588. The latest version is IEEE 1588-2019 - IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems.