IETF Logo Mail Archive

Re: [Ntp] Experimental/Private EF area: was Re: Registries document

David Venhoek <david@venhoek.nl> Thu, 03 August 2023 14:51 UTC

Return-Path: <david@venhoek.nl>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A713C14CE44 for <ntp@ietfa.amsl.com>; Thu, 3 Aug 2023 07:51:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.907
X-Spam-Level:
X-Spam-Status: No, score=-6.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=venhoek-nl.20221208.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZhH5NqnQcB6P for <ntp@ietfa.amsl.com>; Thu, 3 Aug 2023 07:51:50 -0700 (PDT)
Received: from mail-lj1-x22a.google.com (mail-lj1-x22a.google.com [IPv6:2a00:1450:4864:20::22a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2FE8CC14CE2B for <ntp@ietf.org>; Thu, 3 Aug 2023 07:51:48 -0700 (PDT)
Received: by mail-lj1-x22a.google.com with SMTP id 38308e7fff4ca-2b9ab1725bbso16886091fa.0 for <ntp@ietf.org>; Thu, 03 Aug 2023 07:51:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=venhoek-nl.20221208.gappssmtp.com; s=20221208; t=1691074307; x=1691679107; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=sKiXK/k8yOEQkQSwt3NOelN8KQhKP4aqSah1PFTKRuQ=; b=g3ACk3qFTA3HHBPpU00mF47YTXQe0+hDt/+ylpHfqQUBoptBVHN9Br1l7Xdhezhlfw d/cMCQGGAq+EcaTpbMkkBXgzV/YPjyO6Niok8huF0tiQOv9WKmnV+XO+kNOM1fmzNb6N IJmobQD+3LlQovho4wLLe0jF4bwSNNeYTP4Pgq6I7dZJ1jAMrOKzj0+3Au8wOsIX2wFJ I/SgXDc7zdr6uI6IVRGrdcojEKcVDOoLvpxw6IWuncRnxvVjhi83Dv3BArZDWggaL86P Xq4a6WMcKpsd8lvbT/caKYyOh7sS6xZfY1AhZlNM3pcWd2StrhbQqyoCDeY485oWFIDa w9/g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691074307; x=1691679107; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sKiXK/k8yOEQkQSwt3NOelN8KQhKP4aqSah1PFTKRuQ=; b=U/cTWzIMsb4HlVsmZXiUX6OR+D6YhoHab8WQeMvoyf158QAzdJyaKEqZFdP79O8CXe 7zXNQPWe1wtJA+L+xfSUByRYCwScX1GUAdfHSJ6i0FdRzRXyhx3cMYw7uR7k1kFbO0nh 6CU5mZXQRmDCG43nHLth9oAtq2/058BY29hTXoeDQSZQKiUTyZcniHwBC8+DHSfHKoK/ 5RlXD/q6Ry7XcRPUhZ5+c4hfjXSpfmEYL4gI+1C6L2s7FgtUcZ6K2/QnF/k9+2rsX4rs stnqzaRoWAMLI29OFUzk/wfF3rs8t2iF/3YczdvATeP/62vJZCSx+hiox1YhNWApdOJF gcZQ==
X-Gm-Message-State: AOJu0YyJkqoubHVGNLaj6Ii0byVGJPUFFuDz0eEh168c/24NwZbIuqYr SGNFpHV6BcgyKjvYfORoSsN47pDkwvh7Hjk3oQfV4g==
X-Google-Smtp-Source: AGHT+IFTBGPd4yPBY4T6SJTbU9cAwatcG6QjkA/tt9d/2t83cJJI3A36MtFgbPT16QA81LClUWKN9mFQhEs7ugn3mUs=
X-Received: by 2002:a2e:9992:0:b0:2ba:18e5:1070 with SMTP id w18-20020a2e9992000000b002ba18e51070mr37684lji.24.1691074306830; Thu, 03 Aug 2023 07:51:46 -0700 (PDT)
MIME-Version: 1.0
References: <ZMeh8WnbrAKDPx0Z@localhost> <21773363-e898-ed95-35e5-8ebca9efd58d@ntp.org> <ZMit1DBBwFNheq8c@localhost> <839f9b13-e6c2-bfe6-724a-828acc5f6742@ntp.org> <ZMjUsiNI9/Fx6N41@localhost> <46291a7a-41f7-2874-3973-53abf3400269@nwtime.org> <ZMj2Sq3ICW7BxRIh@localhost> <056306cb-fb49-d01e-9d76-3a7c22781752@nwtime.org> <ZMtZmtDGb0SJq6Lc@localhost> <f23305d4-705a-0eef-5069-210318fffbaa@ntp.org> <ZMts9mWJ5+G9srDw@localhost>
In-Reply-To: <ZMts9mWJ5+G9srDw@localhost>
From: David Venhoek <david@venhoek.nl>
Date: Thu, 03 Aug 2023 16:51:35 +0200
Message-ID: <CAPz_-SVLOdLbKw4VGAgm1Yx5dJrfsB1+Pojm1_xENinyL7vumQ@mail.gmail.com>
To: Miroslav Lichvar <mlichvar@redhat.com>
Cc: Harlan Stenn <stenn@ntp.org>, Harlan Stenn <stenn@nwtime.org>, "Salz, Rich" <rsalz@akamai.com>, "ntp@ietf.org" <ntp@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/dbPyYsL0ISAPGscwkAVIIxJEdMw>
Subject: Re: [Ntp] Experimental/Private EF area: was Re: Registries document
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Aug 2023 14:51:52 -0000

Below my view on the topics of discussion, in the hope that we can at
some point get to some form of rough consensus:

Having gone over both documents again, it is not at all apparent that
RFC5906 modifies the extension field format defined in RFC5905. As
such, in my view, the ship for standardizing a split type field has
long since sailed. Especially since even the reference implementation
of autokey doesn't use this split as specified there. As such, I see
little problem with taking the range 0xF000-0xFFFF.

Also, given modern processor architectures, the impact of having to do
a 16 vs 8 bit choice on extension fields is going to be negligible.
The fact that extension field parsing produces unpredictable branch
points is going to be far more significant. In any case, the
experiments we have done on the ntpd-rs implementation suggest that on
a gigabit ethernet network connection and a reasonably modern
processor (~5 years old) the network connection is easily the limiting
factor in terms of handling NTP traffic.

However, if we do want to respect that design space I do have a strong
preference to use the end of the code space and reserving all 0x???F
codes. I do not see a not yet standardized spec's use of these as
reason to deviate (rather the opposite, as that spec should be one of
the prime users of this range whilst not yet standardized).

I strongly think we should have experimental ranges. Reserving codes
for any experiment before even starting the standardization process is
not a good option. So long as it is not standardized, interop is also
a non issue so I'm fine with considering overlap in this range as risk
of the user.

To the contrary, if we don't introduce such a range, people will start
using random codes at some point for their experiments, and then that
could collide even with implementations that don't intend to support
any experimental/private use stuff.

On the subject of the collision between NTS cookie and autokey message
request extension field identifiers, this is there (unless I am really
misunderstanding the reference implementation code, best I can tell
they both put 0x0204 in the type field), and I consider the current
text sufficient in indicating that this has indeed happened and that
we are aware of it. It also already clearly states that it is not a
problem in practice which should answer most questions. Not mentioning
it and just having double entries on the other hand would be very
confusing.

On Thu, Aug 3, 2023 at 11:01 AM Miroslav Lichvar <mlichvar@redhat.com> wrote:
>
> On Thu, Aug 03, 2023 at 01:19:14AM -0700, Harlan Stenn wrote:
> > As I said, the I-DO proposal is counting down from 0xFFFF for its work. I-DO
> > exchanges information about both EFs and "capabilities".  An I-DO value of
> > 0x0004 means "I-DO NTS", while 0x0005 means "I-DO Checksum Complement".
> > 0xFFFF is "I-DO IPv6 REFID hashes" and 0xFFFE is "I-DO Leap Smear REFIDs".
> >
> > This was all described in draft-stenn-ntp-i-do.
>
> draft-stenn-ntp-i-do is nowhere close to publication. It can be easily
> updated to use other values if necessary. I'm not sure why the
> REFID-related capabilities should be tied to the EF numbering anyway.
> They should have their own space.
>
> > And the reason for not using 0xF000-0xFFFF (even if it was 0xE000-9xEFFF) is
> > that it breaks 25 years of design and established coding, and stomps all
> > over the ability to more cleanly code for a growing number of EFs.
>
> 25 years of design that nobody implemented yet. It might help if you
> could show an example of what you see as the issue with flat 16-bit
> types causing unclean code.
>
> > I am not interested in wasting my time like that again.  As you have pointed
> > out yourself, I am resource-limited and want to devote my efforts to things
> > I believe are useful.
>
> You are not the only one here with limited time to work on things.
>
> --
> Miroslav Lichvar
>
> _______________________________________________
> ntp mailing list
> ntp@ietf.org
> https://www.ietf.org/mailman/listinfo/ntp

v2.23.0 | Report a Bug | By Email