[Ntp] Antw: [EXT] Re: NTPv5 draft

Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> Tue, 08 December 2020 09:50 UTC


>>> Philip Prindeville <philipp@redfish-solutions.com> wrote on 07.12.2020 at 23:25 in message <E67C9778-5EAF-42F8-805A-F64BEA8FF44A@redfish-solutions.com>:
> If you’re saying “we all agree […] it could be optional” then I dissent.
> 
> I think that “private networks” and the notion of “the Intranet as 
> implicitly secure” and the term “inside the perimeter” will fall by the 
> wayside before 2030.
> 
> One of my previous employers (Gigamon) built an entire business model on the
> assumption that you need to monitor internal traffic for malware, insider 
> attacks, etc. and hence marketed “network visibility appliances” (i.e. 
> switches and taps that could intercept traffic and clone it to an IDS for 
> real-time analysis).  The market apparently agrees.
> 
> Those that don’t think they need security inside their perimeter are simply
> those that haven’t had an insider attack, or someone bring in a contaminated
> laptop onto the campus network, etc… or haven’t yet realized that they
> have.

I think the bigger problem is some trojan sent from external having access to
the internal (unsecured) network.
Most employees have to sign that they don't do evil things and they don't
publish confidential information, so I don't see insiders being that evil, but
there may be bosses using that argument to monitor what their employees do
(which may be illegal just the same way...).

Regards,
Ulrich