Re: [Ntp] Circular dependencies
Tony Finch <dot@dotat.at> Wed, 11 November 2020 22:20 UTC
Return-Path: <dot@dotat.at>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC3143A1181 for <ntp@ietfa.amsl.com>; Wed, 11 Nov 2020 14:20:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rYQ0n3VOmt0s for <ntp@ietfa.amsl.com>; Wed, 11 Nov 2020 14:20:13 -0800 (PST)
Received: from ppsw-30.csi.cam.ac.uk (ppsw-30.csi.cam.ac.uk [131.111.8.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A4F1B3A1180 for <ntp@ietf.org>; Wed, 11 Nov 2020 14:20:13 -0800 (PST)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://help.uis.cam.ac.uk/email-scanner-virus
Received: from grey.csi.cam.ac.uk ([131.111.57.57]:57810) by ppsw-30.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.136]:25) with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) id 1kcyTM-000v9U-e0 (Exim 4.92.3) (return-path <dot@dotat.at>); Wed, 11 Nov 2020 22:20:12 +0000
Date: Wed, 11 Nov 2020 22:20:12 +0000
From: Tony Finch <dot@dotat.at>
To: Watson Ladd <watsonbladd@gmail.com>
cc: NTP WG <ntp@ietf.org>
In-Reply-To: <CACsn0c=Xu31KyHu8+uq+fKBMVRt+YaJGZCfSn2ph1WXfm2atHw@mail.gmail.com>
Message-ID: <alpine.DEB.2.20.2011112149530.17264@grey.csi.cam.ac.uk>
References: <CACsn0c=Xu31KyHu8+uq+fKBMVRt+YaJGZCfSn2ph1WXfm2atHw@mail.gmail.com>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/_HaSjKEpyJcYPWpikZgLb8dV--Y>
Subject: Re: [Ntp] Circular dependencies
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Nov 2020 22:20:16 -0000
Watson Ladd <watsonbladd@gmail.com> wrote: > > I just realized there is a mailing list bug report that's a lot more > interesting than it seems. They have a DNSSEC validating resolver and > were using an NTP daemon to set the clock (and the RTC was busted) But > the time is needed to verify liveness of the signatures for DNSSEC to > validate, and without the names don't resolve, including the NTP > server names. Ugh yes this has been a problem forever :-( but not a big enough problem in practise for anyone to seriously tackle it. As if no-one cares about making DNSSEC validation Just Work on a Raspberry Pi... > This is probably a bigger issue with NTS, as certs with IP addresses > are harder to get. Roughtime can use its own keys, but does still rely > on the DNS often, so it won't necessarily be a solution. Any ideas? I'm eagerly looking forward to RFC 8738 ACME-IP support https://letsencrypt.org/upcoming-features/ My fantasy solution for this bootstrapping problem is mostly about getting an up-to-date DNSSEC trust anchor, but also the time, on a device that was switched off while a rollover happened. When the device boots and finds nothing works, it contacts a bunch of witnesses for which it has preconfigured public keys and IP addresses that are expected to be stable for the long term. It gets the current trust anchors and time from each witness: no single witness is trusted, a large enough quorum of them have to agree for the device to be able to recover. We assume the witnesses are sufficiently independent that a quorum is more trustworthy than a single trusted third party. We hope that there are enough witnesses that even after a long time enough witnesses are stll working so an old device can contact a quorum. Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ Fitzroy, Sole, Lundy, Fastnet, Irish Sea: South, veering west at times, 6 to gale 8, occasionally severe gale 9 at first in Lundy and Irish Sea. Rough or very rough, occasionally moderate in Irish Sea. Occasional rain. Moderate or poor.
- [Ntp] Circular dependencies Watson Ladd
- Re: [Ntp] Circular dependencies Tony Finch
- Re: [Ntp] Circular dependencies Daniel Franke
- Re: [Ntp] Circular dependencies Mark Andrews
- [Ntp] Fwd: Circular dependencies Mark Andrews
- Re: [Ntp] Circular dependencies Hal Murray
- Re: [Ntp] Circular dependencies Danny Mayer
- [Ntp] Antw: [EXT] Circular dependencies Ulrich Windl
- Re: [Ntp] Circular dependencies Philip Prindeville
- Re: [Ntp] Circular dependencies Warner Losh
- Re: [Ntp] Circular dependencies Warner Losh
- Re: [Ntp] Circular dependencies Hal Murray
- Re: [Ntp] Circular dependencies Mark Andrews
- Re: [Ntp] Circular dependencies Hal Murray
- Re: [Ntp] Circular dependencies Mark Andrews
- Re: [Ntp] Circular dependencies Mark Andrews