Re: [Ntp] NTP Security (was NTPv5: big picture)

Marcus Dansarie <marcus@dansarie.se> Fri, 22 January 2021 12:59 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/RYTjDPB6RXI6mNo0GV604J-rptw>

On 2021-01-22 03:46, Watson Ladd wrote:
> Yes! But solving requires more implementations, more text on
> impeachment, more monitors, and yes more code by me. Our deployment
> isn't implementing the latest draft yet.
> 
> Send comments! Run servers! Run monitors! Roughtime, like CT, is an
> ecosystem. It's beyond my resources to do it myself, but I hope to
> have good news to share at IETF about deployments of the draft
> version.

I am happy to report that my Roughtime server implementation was updated
to the latest draft in December. Connection information is available in
the draft and at https://roughtime.se.

/Marcus