[Ntp] Mandatory confidentiality for ntpv5

Hal Murray <halmurray+ietf@sonic.net> Fri, 15 October 2021 19:41 UTC

To: NTP WG <ntp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/bufIZs1ytrB4IOl1LSWyLBYKjnY>

james.ietf@gmail.com said:
> Perhaps you can elaborate why you think confidentiality in NTP is a bad
> idea? 

Is it going to do any good?

There is/was a draft on client data minimization.  What is happening with that?
  https://datatracker.ietf.org/doc/html/draft-ietf-ntp-data-minimization

After you have minimized things, what is left to hide with encryption?

Maybe we should encrypt everything so that we don't waste time discussing 
whether we need to encrypt everything.

-------

We need something like a version field in order for a server to be able to 
support multiple versions on the same port number.  That allows a fraction of 
a bit for client tracking, probably closer to a whole bit for early adopters 
when the version is changing.

--------

I'm chasing buggy clients that send bursts of requests to pool servers.  It 
would be convenient to have the name and version of the NTP package that 
generated the packet inside the packet where I can see it.  :)


-- 
These are my opinions.  I hate spam.
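
Added example, not part of the original message: a way to put numbers on the "fraction of a bit" remark about a cleartext version field, by reading the version from the first octet and computing the Shannon entropy of the version mix a server sees. It assumes a v5 packet keeps the version in the same bits as the NTPv4 header (RFC 5905); the helper names and the client populations are constructed for illustration.

```python
import math
from collections import Counter


def ntp_version(packet: bytes) -> int:
    """Version Number: bits 3-5 of the first octet (LI:2 | VN:3 | Mode:3)."""
    if not packet:
        raise ValueError("empty packet")
    return (packet[0] >> 3) & 0x07


def version_entropy_bits(packets) -> float:
    """Average information (in bits) an observer learns per client from the
    version field alone, given the mix of versions in `packets`."""
    counts = Counter(ntp_version(p) for p in packets)
    total = sum(counts.values())
    return -sum((n / total) * math.log2(n / total) for n in counts.values())


def client_request(version: int, mode: int = 3, leap: int = 0) -> bytes:
    """Constructed 48-byte client request; only the first octet is filled in."""
    return bytes([(leap << 6) | (version << 3) | mode]) + bytes(47)


def population(v5_percent: int, size: int = 100):
    """Constructed sample: `v5_percent` of clients send version 5, the rest 4."""
    n5 = size * v5_percent // 100
    return [client_request(5)] * n5 + [client_request(4)] * (size - n5)


if __name__ == "__main__":
    # Steady state, early adoption, and mid-transition mixes (all constructed).
    for share in (0, 5, 50):
        bits = version_entropy_bits(population(share))
        print(f"{share:3d}% on v5 -> {bits:.3f} bits per client")
```

The entropy is zero when every client sends the same version and peaks at one bit when the population is split evenly between two versions.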