[ntpwg] Antw: Re: call for adoption (draft-dfranke-ntp-data-minimization)

"Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de> Tue, 28 March 2017 06:36 UTC


>>> Daniel Franke <dfoxfranke@gmail.com> wrote on 27.03.2017 at 22:53 in message
<CAJm83bAUpJc+9HmgtCO4LBigebSQHYYzkLf35qjdxkfjHrMUhw@mail.gmail.com>:
> On 3/27/17, Harlan Stenn <stenn@nwtime.org> wrote:
>> Ah, precision.
>>
>> Where's the problem in having the precision value be accurate?
> 
> Same problem as every other field: it's data that can be used for
> fingerprinting. In this particular case, it's a problem even if the

I just did a little test among eight different servers:
precision=-22,
precision=-22,
precision=-22,
precision=-23,
precision=-20,
precision=-22,
precision=-22,
precision=-21,

The hardware (and OS) of the first seven is identical; the last one has different hardware (but the same OS).

Do you really think you can fingerprint the server from precision?

As a challenge, I've included three more different kinds of hardware:
precision=-22,
precision=-22,
precision=-22,
precision=-23,
precision=-20,
precision=-22,
precision=-22,
precision=-21,
precision=-21,
precision=-18,
precision=-21,

Regards,
Ulrich

> client never moves between networks, since the precision value carries
> information that can help an eavesdropper guess the client's hardware
> and OS.
> _______________________________________________
> ntpwg mailing list
> ntpwg@lists.ntp.org 
> http://lists.ntp.org/listinfo/ntpwg 
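
Added example, not part of the original message or of the draft under discussion: a short Python sketch that reads the precision field (a signed log2-seconds byte at offset 3 of the NTP header, per RFC 5905) and measures how much the eleven values listed in the message could tell an observer. The packets are constructed here from those values, and the function names are hypothetical.

```python
import math
import struct
from collections import Counter

# Precision values exactly as listed in the message (eleven servers).
OBSERVED = [-22, -22, -22, -23, -20, -22, -22, -21, -21, -18, -21]
# Stated in the message: the first seven servers share hardware and OS.
IDENTICAL_HW_COUNT = 7

def make_packet(precision):
    """Build a constructed 48-byte NTP server reply carrying `precision`."""
    # LI=0, VN=4, Mode=4 (server); stratum 2; poll 6; remaining fields zeroed.
    return struct.pack("!BBbb", (4 << 3) | 4, 2, 6, precision) + bytes(44)

def parse_precision(packet):
    """Return the signed log2-seconds precision from an NTP header."""
    if len(packet) < 48:
        raise ValueError("short NTP packet")
    return struct.unpack_from("!b", packet, 3)[0]

def entropy_bits(values):
    """Shannon entropy of the empirical distribution, in bits."""
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def summarize():
    seen = [parse_precision(make_packet(p)) for p in OBSERVED]
    return {
        # Information carried by the field across this sample.
        "entropy_bits": entropy_bits(seen),
        # Bits needed to single out one host among the sample.
        "bits_to_identify": math.log2(len(seen)),
        # Anonymity sets: how many hosts share each precision value.
        "sets": dict(Counter(seen)),
        # Spread of values seen on the identical hardware/OS group.
        "distinct_on_identical_hw": sorted(set(seen[:IDENTICAL_HW_COUNT])),
        # Clock resolution in seconds that each value advertises.
        "resolution_s": {p: 2.0 ** p for p in sorted(set(seen))},
    }

if __name__ == "__main__":
    for key, value in summarize().items():
        print(key, value)
```
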



