IETF Logo Mail Archive

Re: [Ntp] Last Call: <draft-ietf-ntp-yang-data-model-10.txt> (A YANG Data Model for NTP) to Proposed Standardsecurity

Dhruv Dhody <dhruv.ietf@gmail.com> Tue, 09 February 2021 10:43 UTC

Return-Path: <dhruv.ietf@gmail.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D4CF3A1574 for <ntp@ietfa.amsl.com>; Tue, 9 Feb 2021 02:43:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d3IQbxDCKJrN for <ntp@ietfa.amsl.com>; Tue, 9 Feb 2021 02:43:11 -0800 (PST)
Received: from mail-io1-xd2c.google.com (mail-io1-xd2c.google.com [IPv6:2607:f8b0:4864:20::d2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CAE2D3A19A0 for <ntp@ietf.org>; Tue, 9 Feb 2021 02:43:11 -0800 (PST)
Received: by mail-io1-xd2c.google.com with SMTP id f6so18252123ioz.5 for <ntp@ietf.org>; Tue, 09 Feb 2021 02:43:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=tWZihQ9/0UaODiRGE2+FEqPFi6/l1zAyulK0umCgdpc=; b=DMmTADZknsG8NHHSiLCKmyPT0M3K4tYwk4LTg1jq7z4VpdvykWkIO0DU6zoHLLo/Bv iS2n+ENC24uawz5TL6s1bpG3203euKPmFOeMskmmOtKvRDvg4LQc2yKliUegNcII44uR tZXE891ZEI/1+Y5qbw62aoLjdXPfi8O7WhdB+CTkQNfKr3utFjJ6HlVMIKMbgW99YDJE L/4753teS5YdqK2zjXaOCWDKhAc7X7qtYbRnv44WuXo7mDaBmbfJa6W/nW9xmas1NRUF reHJquZWAei7UHmg5yKd3Kz5kwgAgPXOnnuKu3MXOFMTnOEJ+f2BV0umPWVoaViTbqAY XvZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=tWZihQ9/0UaODiRGE2+FEqPFi6/l1zAyulK0umCgdpc=; b=JPUvBn0DaEJE9xZwn5dbQ9jgJmMlqw11C3FCzp/E1MX9OxksV3EUFzTX5743ydW74Q rW3CZXTlq8MGskXi5Wb7j9/z9XyklZPAGikK3QxCrbJ56OF+XJDU+G/Npto1dm77zDgo iThxiltAqSWufvUU45p0mmpavDU+h373ifMhLSvVvNkU9oS90LZeHYh6Sdk3zpd5ABI3 ej/u+W1kxeB/5uDwc3B/PlSXFpvQd17EuBeQKVYeugaC66AQI+N8E39czKw10PJEoi++ wGfCy/DBrQV/U4y+mC7nuknl3X2IaCR9PTz+CR5jm36w9n/SRNeqxSHNFiT4Z+v4wXiE NJRw==
X-Gm-Message-State: AOAM532nM40lCsXK+Lu2sRMiXAybB8EabNUrm9HuZOVRapI5eH+eyq+t J4g9fuGVKIOHg06T8s6x2kcoM+dqtycnTQgNbt8=
X-Google-Smtp-Source: ABdhPJxNuZg+MeLqDre8YcFsW6FVVnB1SGaUC3+/zwNBbeQmb2X+YZ0mIooYnMNrvso5qtH2kZTqFk1PcokHczfabJ8=
X-Received: by 2002:a05:6602:2bf0:: with SMTP id d16mr19433019ioy.178.1612867390756; Tue, 09 Feb 2021 02:43:10 -0800 (PST)
MIME-Version: 1.0
References: <daedulus@btconnect.com> <60212265.6020204@btconnect.com> <20210209093446.E11F8406061@ip-64-139-1-69.sjc.megapath.net> <20210209102948.GA1903164@localhost>
In-Reply-To: <20210209102948.GA1903164@localhost>
From: Dhruv Dhody <dhruv.ietf@gmail.com>
Date: Tue, 09 Feb 2021 16:12:34 +0530
Message-ID: <CAB75xn4hAHndOvVZ=QMJ0BcswsK55yjaoV_cjPxyxqNR49dp4A@mail.gmail.com>
To: Miroslav Lichvar <mlichvar@redhat.com>
Cc: NTP WG <ntp@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/USkAr6puH0oh1O6gg4-I9QKV-zM>
Subject: Re: [Ntp] Last Call: <draft-ietf-ntp-yang-data-model-10.txt> (A YANG Data Model for NTP) to Proposed Standardsecurity
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2021 10:43:13 -0000

Hi Miroslav,


On Tue, Feb 9, 2021 at 4:00 PM Miroslav Lichvar <mlichvar@redhat.com> wrote:
>
> On Tue, Feb 09, 2021 at 01:34:46AM -0800, Hal Murray wrote:
> > Existing NTP code also supports SHA-1
> >
> > RFC 8573 that deprecated using MD5 with NTP suggests using AES-CMAC.  Note
> > that is CMAC rather than HMAC and that NTP uses it's own scheme rather than
> > HMAC as described in RFC 6151.
> >
> > The NTPsec code supports any hash (or CMAC) algorithm that the underlying
> > library from OpenSSL supports.
>
> There is also NTS. The model doesn't seem to have an option to enable
> that.
>

Using the usual YANG augmentation technique
[https://tools.ietf.org/html/rfc7950#section-4.2.8], one can augment
this YANG model to add NTS details. Another I-D would need to be
published based on the interest in the WG.

> This brings a question how can be the YANG model extended with new,
> possibly implementation-specific, options, or new values for some
> options. For example, the model says minpoll and maxpoll have a range
> of 4..17, but no implementation that I know follows that.
>

The YANG augment allows for vendors to add vendor-specific parameters
to standard data models in an interoperable way. That said I will
reconfirm with my co-authors the range for minpoll and maxpoll and if
that needs to change.

Thanks!
Dhruv


> --
> Miroslav Lichvar
>
> _______________________________________________
> ntp mailing list
> ntp@ietf.org
> https://www.ietf.org/mailman/listinfo/ntp

v2.15.0 | Report a Bug | By Email