Re: [Ntp] NTS IANA request
Harlan Stenn <stenn@nwtime.org> Fri, 07 June 2019 03:24 UTC
To: "kodonog@pobox.com" <kodonog@gmail.com>
Cc: ntp@ietf.org
Message-ID: <0e4e607c-15b6-bb20-5e43-7fadeaf36471@nwtime.org>
Date: Thu, 06 Jun 2019 20:24:42 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/XkwCLSzQl3R65WLnMmD5Xn0W7uM>

My response was intended to be a technical response. I don't have the time or the desire to refute all of the wrong claims in this thread.

H

On 6/6/2019 8:23 PM, kodonog@pobox.com wrote:
> Harlan,
>
> As we have discussed privately, this type of email response is not helpful.
> Please limit your comments on the mailing list to specific technical
> concerns.
>
> Thank you!
> Karen
>
> On 6 Jun 2019, at 17:42, Harlan Stenn wrote:
>
>> As best as I can tell, the following is total rubbish.
>>
>> H
>>
>> On 6/6/2019 11:28 AM, Daniel Franke wrote:
>>> As a slight tangent, we never concluded the discussion as to what
>>> we're going to do about the fact that so many ISPs are dropping
>>> 123/udp traffic with payloads larger than 48 bytes. I think we got as
>>> far as concluding:
>>>
>>> 1. We're never going to persuade enough ISPs to change their policy,
>>> making 123/udp basically doomed.
>>> 2. NTS-KE's port negotiation record gives us all the mechanism we need
>>> in order to run NTP-with-NTS over an alternate port.
>>>
>>> But that left an unresolved question: do we allocate a fixed alternate
>>> UDP port, or should servers ask the OS for a dynamic port and then use
>>> NTS-KE to advertise whatever the OS assigns to them? Both choices have
>>> firewall-related drawbacks. If we use a fixed port, we risk landing
>>> ourselves right back in the same situation we're in today with 123. At
>>> minimum, to protect ourselves from this, the NTF would have to commit
>>> to adding some code to ntpd such that it will refuse to ever send mode
>>> 6 or 7 responses over the new port no matter what configuration the
>>> user gives it. (Yes, mode 6 too, because mode 6 still amplifies, just
>>> not as severely as mode 7 does). If we use a dynamic port, then it
>>> becomes much harder for ISPs to block us, but it also becomes harder
>>> for corporate firewalls with a default-deny-all policy to let us
>>> through.
>>>
>>> On Thu, Jun 6, 2019 at 1:06 PM Salz, Rich <rsalz@akamai.com> wrote:
>>>>
>>>>> I'm strongly opposed to modifying NTS-KE to involve sending a
>>>>> STARTTLS
>>>> as a first step of the handshake. I don't want to make a breaking
>>>> change to a protocol that's passed WGLC and has four interoperating
>>>> implementations in order to accommodate a protocol that has
>>>> never been
>>>> implemented and whose specification consists of three vague
>>>> sentences
>>>> in an unadopted and expired I-D.
>>>>
>>>> I wasn't strongly advocating either mechanism, just trying to
>>>> explain how things could share a port if that's what we wanted to do.
>>>>
>>>> For the record, since I see no definition of NTP/TLS, I am in favor
>>>> of assigning 123/TCP to NTS.
>>>>
>>>>
>>>
>>> _______________________________________________
>>> ntp mailing list
>>> ntp@ietf.org
>>> https://www.ietf.org/mailman/listinfo/ntp
>>>
>>
>> --
>> Harlan Stenn, Network Time Foundation
>> http://nwtime.org - be a Member!
>>
>> _______________________________________________
>> ntp mailing list
>> ntp@ietf.org
>> https://www.ietf.org/mailman/listinfo/ntp
>

--
Harlan Stenn, Network Time Foundation
http://nwtime.org - be a Member!
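
The NTS-KE port negotiation record and the "never send mode 6 or 7 over the new port" guard discussed in the quoted message, as an added example that is not part of the original e-mail and is not ntpd code. Record type numbers follow RFC 8915; the function names, the sample message and port 41234 are constructed for illustration.

```python
import struct

# NTS-KE record type numbers as published in RFC 8915, section 4.1
END_OF_MESSAGE, NEXT_PROTOCOL, AEAD_ALGORITHM, NTPV4_PORT = 0, 1, 4, 7
DEFAULT_NTP_PORT = 123

def parse_nts_ke_records(data):
    """Split an NTS-KE message into (critical, type, body) tuples."""
    records, offset = [], 0
    while offset < len(data):
        if len(data) - offset < 4:
            raise ValueError("truncated record header")
        head, length = struct.unpack_from("!HH", data, offset)
        offset += 4
        if len(data) - offset < length:
            raise ValueError("record body runs past end of message")
        records.append((bool(head & 0x8000), head & 0x7FFF,
                        data[offset:offset + length]))
        offset += length
        if head & 0x7FFF == END_OF_MESSAGE:
            break
    return records

def negotiated_port(data):
    """UDP port to use for NTP-with-NTS; 123 when the server advertises none."""
    for _critical, rtype, body in parse_nts_ke_records(data):
        if rtype == NTPV4_PORT:
            if len(body) != 2:
                raise ValueError("port record body must be 2 octets")
            return struct.unpack("!H", body)[0]
    return DEFAULT_NTP_PORT

def may_send(datagram, port):
    """Guard from the thread: no mode 6 or 7 replies on any port other than 123."""
    if not datagram:
        return False
    mode = datagram[0] & 0x07  # low three bits of the first octet
    return port == DEFAULT_NTP_PORT or mode not in (6, 7)

def record(rtype, body=b"", critical=False):
    """Helper (hypothetical) that encodes one NTS-KE record."""
    head = rtype | (0x8000 if critical else 0)
    return struct.pack("!HH", head, len(body)) + body

# Constructed server response advertising a dynamically assigned port
SAMPLE = (record(NEXT_PROTOCOL, b"\x00\x00", True)
          + record(AEAD_ALGORITHM, b"\x00\x0f")
          + record(NTPV4_PORT, struct.pack("!H", 41234))
          + record(END_OF_MESSAGE, critical=True))
```
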