[Ntp] Minutes from IETF 108 NTP WG session

Dieter Sibold <dsibold.ietf@gmail.com> Fri, 31 July 2020 16:42 UTC

Return-Path: <dsibold.ietf@gmail.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14FD33A0C4F for <ntp@ietfa.amsl.com>; Fri, 31 Jul 2020 09:42:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GBtPgy8VFb7P for <ntp@ietfa.amsl.com>; Fri, 31 Jul 2020 09:42:54 -0700 (PDT)
Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com [IPv6:2a00:1450:4864:20::529]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3DD03A0BEC for <ntp@ietf.org>; Fri, 31 Jul 2020 09:42:53 -0700 (PDT)
Received: by mail-ed1-x529.google.com with SMTP id c15so13110332edj.3 for <ntp@ietf.org>; Fri, 31 Jul 2020 09:42:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=RsFk24tj0yh9IEpl+nNkYkgh85MmQnnkG99TrfdfzaQ=; b=pYOawE9HPOmAUrCYG5QUGoW2U6NAj0mf4HAfulgZFeGw0EvD7LN1aZmTfHC4pWVwU3 ODYBRZ8UHySatu3HIILoM6IRjOwyJaUnYVOjj0pWLOkVRfNwP9Z1F1bGfHxCTwE+7hEn F0klahFPoaYbVn/3vy3kFIOA0B+F6BMxS5dn+CF3+TvqupMRluprg4BtxQkU99pJ5SQg DLPFdA8NPAgE+I6YZPFcb5xRvdkte40HQwJJo5Gu6fKfFGeYBInu2vK/jffbBFegUJ0Z l7+FDcpbWbNZ2SluEpU0IVi0+hiGFXL6VXj+4jxwcknztmeGgjwzRS9WnLgiqL6xfYZu YNFw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=RsFk24tj0yh9IEpl+nNkYkgh85MmQnnkG99TrfdfzaQ=; b=oJyCH0+08KVF3vKXp1GKqy+M+fpU1gkJkivffem1ytCl/FfBZXW/dC5p5/w7jj/6oD 7XwRfKcCnUcemeI3JkZdHFO8+Alp+TrtVHVsH3y+o6gQc/TOuNddSHdqtlWL7b3+ImKO DRxTAI/QkmL+UjEuCSP3IoHCzVxm2z7+bQ1B/+/EOh2X2aAjyA972dpUPfb/H+v2PnFQ S/I3uiNaI+ZAMmhKQhsiDNUDn7+Y+YihZ2YCmYf/5UhLewcRdq0OzZGZi/tehEXJlY65 ndZktrstwcPcZxVt2WMyS0RVeEP0l0mpIvZS4hT54YLQqfiB2VflDibKrR9LUWGimiE6 vxkw==
X-Gm-Message-State: AOAM5322uE3YFfQvTzpcO6fWG7K5Vf3xgyeFlQnMmKzaBdS8MHY1EnZs Z9UbWAXWKe3t7ToFPFp1NcKC5AMc
X-Google-Smtp-Source: ABdhPJxjmAxyn8idhT5tcMB6Sop/MTMaC8LOfrX4At5/4Xra/XW3J3UUgKnXowCCQ7dgWIJJRv9pJg==
X-Received: by 2002:aa7:dd91:: with SMTP id g17mr4857637edv.186.1596213770734; Fri, 31 Jul 2020 09:42:50 -0700 (PDT)
Received: from [192.168.111.41] (p200300d17f07e500d5b11c59fa50a4ae.dip0.t-ipconnect.de. [2003:d1:7f07:e500:d5b1:1c59:fa50:a4ae]) by smtp.gmail.com with ESMTPSA id s15sm9456463ejb.16.2020.07.31.09.42.49 for <ntp@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 31 Jul 2020 09:42:50 -0700 (PDT)
From: "Dieter Sibold" <dsibold.ietf@gmail.com>
To: "NTP WG" <ntp@ietf.org>
Date: Fri, 31 Jul 2020 18:42:48 +0200
X-Mailer: MailMate Trial (1.13.1r5671)
Message-ID: <16876866-D4DB-4941-A533-B92BCFFF60F3@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; format=flowed
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/dNh8VmUCuu7KORqFuOAShhc7h1c>
Subject: [Ntp] Minutes from IETF 108 NTP WG session
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2020 16:42:57 -0000

Dear all,

Thanks to Tal the minutes from the NTP WG session at IETF 108 are 
online.

https://www.ietf.org/proceedings/108/minutes/minutes-108-ntp-00

Dieter


===============================
NTP Session - IETF 108
July 31, 2020
11:00 UTC
Meeting Minutes
===============================

Chairs: Karen O'Donoghue, Dieter Sibold
Minutes: Tal Mizrahi

Meeting material: 
https://datatracker.ietf.org/meeting/108/proceedings#ntp


Participants:
=============
[This list is for informative purposes, and some people may be missing. 
Bluesheets will be published separately.]
Karen O'Donoghue
Dieter Sibold
Tal Mizrahi
Neta Schiff
Miroslav Lichvar
Martin Langer
Mark Baushke
Marco Davids
Erik Kline
Xiaolan Wan
Denis Reilly
Leif Johansson
Warren Kumari
Rich Salz
Jose Alvarez-Hamelin
Dhruv Dhody
Harlan Stenn
Eric Orth
Kristof Teichel
Kimura Yamato
Yali Wang
Doug Arnold
Kenneth Murchison
Ragnar Sundblad
Robert Story
Simon Vera-Schockner
Hiroyuki Goto


Introduction
============
Slides: 
https://www.ietf.org/proceedings/108/slides/slides-108-ntp-ntp-chair-slides-00
Presenter: Karen O'Donoghue


Summary:
- Karen presented the note well.
- Karen presented a brief introduction to using Meetecho.
- The agenda for this session was presented.

Document status:
- Two documents in the RFC editor's queue: the timestamp format draft, 
and the NTS draft. There is currently a delay in the editor queue.
- Mode 6 draft: Karen will take it offline with Erik to proceed with the 
shepherd writeup and the AD review.
- YANG data model draft: the shepherd writeup is in progress.
- Port randomization document: has been updated, and the issues have 
hopefully been adressed. It seems to be ready for working group last 
call, since there was no further discussion. Karen and Dieter will 
proceed with WG last call.
- Alternative NTP port draft: it is still an individual draft.
   -  Miroslav: I believe we said in the last meeting that the draft is 
ready for an adoption call. No changes since then.
- Roughtime: we discussed it in the last interim, and it has not been 
updated since then.
- Chronos update - to be presented by Tal.


Chronos
=======
Slides: 
https://www.ietf.org/proceedings/108/slides/slides-108-ntp-a-secure-selection-and-filtering-mechanism-for-the-network-time-protocol-version-4-00
Presenter: Tal Mizrahi

Summary:
- The draft has recently been revised so that Chronos is a Watchdog.
- Most of the time you use the NTPv4 algorithm, but if Chronos detects a 
suspected attack, then the client starts using the Chronos algorithm. 
This allows enjoing the precision of NTPv4 most of the time, and 
enjoying the security of Chronos when under attack.

Discussion:
- Karen: who is working on an implementation?
- Tal: Neta and the people at the Hebrew university.
- Neta: we are working on an implementation, but we would love if other 
people who are interested in implementing would contact us and we could 
work together.
- Dieter: is the Chronos filtering algorithm identical to NTPv4?
- Tal: it is not identical, but a bit similar. It is based on 
well-established agreement algorithms from the literature, where you 
ignore the highest third and lowest third of the samples, and then take 
an average or a median of the remaining samples.
- Karen: this version has been around since March. Let's have some 
feedback from the working group. Tal / Neta - please ask the working 
group for some feedback on the mailing list. We also need to discuss 
informational vs. experimental.


NTPv5 Modular Architecture
==========================
Slides: 
https://www.ietf.org/proceedings/108/slides/slides-108-ntp-ntpv5-modular-architecture-02
Presenter: Doug Arnold

Summary:
- This is a proposal to divide NTP into a timing engine and a protocol 
engine.
- This enables cases where there needs to be a dedicated or 
application-specific timing engine.

Discussion:
- Miroslav: if we define a timing engine - it seems like this is a 
recommended design of a server and client, but not mandatory to 
implement. Is it going to be in a separate document?
- Doug: if there is going to be more than one timing engine it would 
make sense to have it in a separate document. There would be an 
architecture document that describes the concept and interfaces, and the 
timing engine would be in a different document.
- Karen: chair hat off, there is no specific plan which documents will 
be, as we are just in a discussion phase. We have not updated the 
charter yet, and do not have consensus yet.
- Doug: the motivation for all of this is that it is already being done 
in NTPv4, even though it does not comply to the standard NTP. Different 
implementations use different algorithms than RFC 5905. It seems like 
this is needed.
- Karen: some individual drafts along these lines would be helpful.
- Dieter: would it make sense to separate the clock control from the 
timing engine?
- Doug: you mean that clock control is a separate entity, and the timing 
engine just analyzes the NTP messages.
- Dieter: right, and sometimes people have different requirements about 
how often the clock needs to be adjusted.
- Doug: it is possible. Note that we do not want too many subsystems, in 
order to avoid to many combinations, but it can be discussed.
- Dieter: the packet structure still contains the timestamps, right?
- Doug: right, that is done by the protocol engine. The timestamps come 
from either the operating system, or from a hardware engine, and can be 
used by the protocol engine for timestamping.
- Mark Baushke: the IEEE 1588 has a better resolution than the NTP 
timestamp resolution. Do we need a better resolution?
- Doug: that is a good point. In IEEE 1588 we did this in order to avoid 
updates for a long time. However, people like to use NTP in some 
scenarios or applications, and we may need better resolution than 
nanoseconds.
- Mark: IEEE 1588 typically is implemented in hardware, but still NTP 
may need a better resolution.
- Doug: in PTP (1588) we could not change the timestamp field, so we 
added the extra precision to the correction field. NTP servers have 
hardware timestamping, and many of the clients have the hardware that 
enables hardware-based timestamps.
- Jose: if you want to synchronize over the Internet, it would be 
difficult to reach a sub-microsecond accuracy. If the network is 
symmetric a microsecond accuracy is possible. I have a proposal on the 
TICTOC working group for an accurate synchronization protocol.
- Doug: right, a high resolution timestamp does not mean you can achieve 
high accuracy. In small networks with a small number of hops (such as 
financial networks), you can achieve a high accuracy.
- Miroslav: we have a document on the Wiki about NTPv5 requirements. One 
of the issues is the precision of the timestamps. You are welcome to add 
comments to the Wiki or mailing list. White rabbit is reaching the 
resolution that NTP provides, so maybe a better resolution will not be 
required in the near future.
- Doug: it is difficult to reach an accuracy/precision below 1 
nanoseocnd. The finance industry are used to NTP, and prefer it over 
PTP, and at the same time are looking into White Rabbit. It turns out 
that for trades a nanosecond resolution matters. There may be some 
applications that will require fine resolution.


Hackathon Update
================
Slides: 
https://www.ietf.org/proceedings/108/slides/slides-108-ntp-ietf-108-hackathon-network-time-security-01
Presenter: Martin Langer

Summary:
- There was an NTP hackathon last week.
- Interop testing of NTS implementations.
- All implementations talk to each other.
- Some issues with operator filtering (of large NTP packets).

Discussion:
- Miroslav: about the failures reported about the testing tool - it is 
not an issue for the current clients, but could be a real problem in the 
future when NTPv5. Some implementations of servers just assume that it 
is an NTPv4 client, but servers need to check whether it is NTPv4 or 
not.
- Karen: thanks to Martin Langer, Miroslav Lichvar and Christer Weinigel 
for being the backbone of the team and pushing this through.


NTPv5 Discussion
================
- Karen: we are looking for charter updates, and we would like to start 
having implementations and drafts. There is a Wiki page that you can 
update with your suggestions.
- Erik Kline: the charter is currently a bit out of date. Suggestions 
would be welcome for scoping the work, including motivation and 
suggestions for NTPv5. Karen and I will take a stab at rewriting the 
charter.
- Karen: it looks like people are interested, and there is a question of 
the scope.


AOB
===
- Karen: we have been trying to hold regular interims. The  next one 
will be at the beginning of September.
- Harlan: is there a reference implementations of the YANG data model?
- Karen: the authors are not present. We may have an answer in the next 
few days as part of the shepherd writeup.


Adjourned at 12:22 UTC.