Re: [Ntp] NTPv5 draft

Dieter Sibold <dsibold.ietf@gmail.com> Mon, 30 November 2020 19:12 UTC

From: Dieter Sibold <dsibold.ietf@gmail.com>
To: Miroslav Lichvar <mlichvar@redhat.com>
Cc: ntp@ietf.org
Date: Mon, 30 Nov 2020 20:12:06 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/Qm9rhlUVtZCNF0wB0ROUdQewdI8>

Hi Miroslav

Many thanks for your NTPv5 proposal.

With my working group chair’s hat off!

I have the following comments:


1. Security

The protocol as proposed is missing a security approach. There are no 
mechanisms described to provide authentication, integrity protection and 
maybe encryption. I very much agree with James’s proposed draft that a
new version of NTP must provide these mechanisms by default. Sure, you
can add NTS to protect the NTPv5 packets. But in this case protection is 
always an optional add-on whereas it needs to be an inherent part of the 
basic protocol. To achieve this the NTS approach certainly can be 
transferred to the basic v5 protocol and packet format.




2. Interleave and 2-Step

I agree with Doug to decide which approach to provide with NTPv5.
Providing both 2-Step and Interleave may increase complexity
unnecessarily. Personally, I find that the 2-step approach with the
follow-up message is more concise. And since the first message only needs
to be very small (it just needs to contain the information to ensure
correlation with the follow-up) the waste of network bandwidth is very
small.



3. Traceability

It would make sense that the v5-packets optionally provide information 
about the uncertainty of the timestamps taken. These formally for 
establishing traceability. Additionally, in order to maintain 
traceability during the time period in which leap smearing is applied 
the client needs to obtain the necessary information to calculate the 
offset between UTC and smeared time. This also is mandatory to maintain 
traceability.


Dieter









On 11 Nov 2020, at 17:19, Miroslav Lichvar wrote:

> As promised at the previous meetings, I wrote an NTPv5 draft. It's
> based on the proposal I sent to this list a few months ago, with a few
> improvements like timestamp fields separated from cookies, etc. It
> still needs a lot of work to be able to stand on its own, but I think
> it should be good enough for people here to understand how it is
> intended to work.
>
> It's too late to submit it for the upcoming meeting. Here is a link to
> a txt version if anyone would like to read it and discuss it here:
>
> https://gist.github.com/mlichvar/2bee94a706d60da9ca88d712afef083e
>
> -- 
> Miroslav Lichvar