Re: [Ntp] Encrypted NTS cookie placeholder

Hal Murray <hmurray@megapathdsl.net> Fri, 31 January 2020 02:04 UTC

In-Reply-To: Message from Miroslav Lichvar <mlichvar@redhat.com> of "Wed, 29 Jan 2020 11:14:42 +0100." <20200129101442.GJ20504@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/dg7IqSfnRdL0aKj_iPfpmhywE0E>

mlichvar@redhat.com said:
> The draft says in 5.7: The client MAY include one or more NTS Cookie
> Placeholder extension fields which MUST be authenticated and MAY be
> encrypted.

> But that doesn't seem to be supported by most of the servers. Some ignore
> encrypted Placeholders (sending a shorter response) and some don't even
> respond to such a request. The implementors may want to check that.

Thanks for catching that.

Would it be cleaner in the long run to pick one?  The idea is to simplify 
things so they are more likely to work and simpler to test.


-- 
These are my opinions.  I hate spam.
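
An added example, not part of the thread and not taken from any server implementation: a sketch of server-side counting that treats NTS Cookie Placeholder fields the same whether they arrive in the authenticated cleartext or inside the encrypted extension fields, as the quoted section 5.7 text permits. The field type codes are assumed from the NTS specification, AEAD verification and decryption are assumed to have already succeeded (the decrypted bytes are passed in), and the function names and sample requests are constructed for illustration.

```python
import struct

# Extension field type codes: assumed from the NTS specification, not quoted in the thread.
NTS_COOKIE = 0x0204
NTS_COOKIE_PLACEHOLDER = 0x0304
NTS_AUTH_AND_EEF = 0x0404  # NTS Authenticator and Encrypted Extension Fields


def ext_field(ftype, body=b""):
    """Build one extension field: type, total length, body padded to 4 bytes."""
    body += b"\x00" * (-len(body) % 4)
    return struct.pack("!HH", ftype, 4 + len(body)) + body


def parse_fields(buf):
    """Return the field types found in buf; raise ValueError on a malformed field."""
    types, off = [], 0
    while off < len(buf):
        if len(buf) - off < 4:
            raise ValueError("truncated extension field header")
        ftype, length = struct.unpack_from("!HH", buf, off)
        if length < 4 or length % 4 or off + length > len(buf):
            raise ValueError("bad extension field length")
        types.append(ftype)
        off += length
    return types


def cookies_to_return(cleartext_fields, decrypted_fields):
    """One cookie for the request itself plus one per authenticated placeholder.

    cleartext_fields: extension fields as received, authenticator included.
    decrypted_fields: plaintext recovered from the authenticator field (assumed input).
    """
    clear = parse_fields(cleartext_fields)
    if NTS_AUTH_AND_EEF not in clear:
        raise ValueError("request carries no authenticator")
    # Only fields before the authenticator are covered as associated data.
    authenticated = clear[:clear.index(NTS_AUTH_AND_EEF)]
    authenticated += parse_fields(decrypted_fields)
    return 1 + authenticated.count(NTS_COOKIE_PLACEHOLDER)


# Constructed sample requests (dummy 100-byte cookie and 32-byte authenticator bodies).
COOKIE = ext_field(NTS_COOKIE, b"\x00" * 100)
PLACEHOLDER = ext_field(NTS_COOKIE_PLACEHOLDER, b"\x00" * 100)
AUTH = ext_field(NTS_AUTH_AND_EEF, b"\x00" * 32)
```

A server that parses only the cleartext list would return one cookie for the second case in the test below, which is the shorter response described in the quoted message.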