IETF Logo Mail Archive

Re: [Ntp] Last Call: <draft-ietf-ntp-yang-data-model-10.txt> (A YANG Data Model for NTP) to Proposed Standardsecurity

Dhruv Dhody <dhruv.ietf@gmail.com> Tue, 09 February 2021 10:27 UTC

Return-Path: <dhruv.ietf@gmail.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 376B03A1965; Tue, 9 Feb 2021 02:27:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nN4la68Or7i4; Tue, 9 Feb 2021 02:27:34 -0800 (PST)
Received: from mail-io1-xd2f.google.com (mail-io1-xd2f.google.com [IPv6:2607:f8b0:4864:20::d2f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B24D3A1755; Tue, 9 Feb 2021 02:27:33 -0800 (PST)
Received: by mail-io1-xd2f.google.com with SMTP id n201so18157623iod.12; Tue, 09 Feb 2021 02:27:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/7Ze6B7gaDqoRGuB9AnN4uC1571HEHVBPLkCy8pH4Ik=; b=kVt6USkZ3+AO8IPPHf4n3qaDIZ3IiQKMk7lQYCK40s97fRND7BfRhEzXNs7zv3xmHI XEsOBMhcvg2S9ghVRYDKsfPA7U4JpIwt/SNzN82fKGqHVQ29KYJPftNf7RY5NhO2xHYx 780+V1xAY05u1vAnToX53kSPBADT+G7bL5DTUVzMxXjVj4/g0SFQwPPcx1aec/ZXY9x3 aTFqp2lUzSwQnxwmY9G1ms8huxbXthSI6p4P04GZhomwEtmLIVRPhIwjgv3+BjIFncqn N/d3HLeDccmc5ktZcrWLJaOoEpT5eZe7GsSNWGd451SFgcgUXAMV75Bltd1xWgpDtQ9N PkiQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/7Ze6B7gaDqoRGuB9AnN4uC1571HEHVBPLkCy8pH4Ik=; b=gcY46ithPlPUa6xT2TCnFaYzWcttpMpVodTgkA7/Ep2f43bpRNsGW5q3XCt/Gm3Sb0 knLSO+LROFdDTOodEnQDD/AzkyKjMNlWl7KQsUNn5Vj6dQcAa0lTQEtpSMEXvZgXXK4h LjMWCs2vJ/QW7mtSMba4o3WAIWQCOhgKlX8149Ql3UXii620njLWO+FC6lyJ6NmsY+J4 53KDgJ2CBQ5Ud8gjuWGW7ywhdim/YX2EaFu0HiezSbplq7gYO4h8gXuvGAnZOVyrleln 51e9GtT5dPwtD6mWTaH3rRd4vLNRGcbRuE/6xv4oiosQGC+LC7JShCYkJU2KI0nESo1x MQ3w==
X-Gm-Message-State: AOAM5308Uh0LiTpvjkDFaMQlASeWYxCMzgA09RtLvBBlvlSXyufvQz4s 3WzeqT89I6mJ7k5foACggpRVyaqtYwLtAS+R+PQ=
X-Google-Smtp-Source: ABdhPJxoz/3rDa1eYeWofA48XASqAV6V8wrq+O96bQmYwjNqC5olvKUdeG8a7NM1hZp4E6s+EscCsGrOJdVnvsxwfMI=
X-Received: by 2002:a02:b703:: with SMTP id g3mr21598531jam.15.1612866452484; Tue, 09 Feb 2021 02:27:32 -0800 (PST)
MIME-Version: 1.0
References: <daedulus@btconnect.com> <60212265.6020204@btconnect.com> <20210209093446.E11F8406061@ip-64-139-1-69.sjc.megapath.net>
In-Reply-To: <20210209093446.E11F8406061@ip-64-139-1-69.sjc.megapath.net>
From: Dhruv Dhody <dhruv.ietf@gmail.com>
Date: Tue, 09 Feb 2021 15:56:56 +0530
Message-ID: <CAB75xn6PcC4qyLz6ydETNQUz15n2KzT+qBBy==W4fFZgizK4gQ@mail.gmail.com>
To: Hal Murray <hmurray@megapathdsl.net>
Cc: tom petch <daedulus@btconnect.com>, last-call@ietf.org, ek.ietf@gmail.com, ntp-chairs@ietf.org, NTP WG <ntp@ietf.org>, Dieter Sibold <dsibold.ietf@gmail.com>, draft-ietf-ntp-yang-data-model@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/es4KKiNOEB0tUJzWvsEuGEZYgG4>
Subject: Re: [Ntp] Last Call: <draft-ietf-ntp-yang-data-model-10.txt> (A YANG Data Model for NTP) to Proposed Standardsecurity
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2021 10:27:35 -0000

Hi Hal,

Good point, I propose making this change -

OLD:
|     +--rw key?         ianach:crypt-hash
NEW:
|     +--rw key
|     |  +--rw (key-string-style)?
|     |     +--:(keystring)
|     |     |  +--rw keystring?            string
|     |     +--:(hexadecimal) {hex-key-string}?
|     |        +--rw hexadecimal-string?   yang:hex-string
END

The algorithm field already uses the identity
key-chain:crypto-algorithm from RFC 8177 which supports hmac-sha-1-12,
aes-cmac-prf-128, md5, sha-1, hmac-sha-1, hmac-sha-256, hmac-sha-384,
hmac-sha-512 and the ability to add more identities. The above change
would align with RFC 8177.

Thanks,
Dhruv

On Tue, Feb 9, 2021 at 3:05 PM Hal Murray <hmurray@megapathdsl.net> wrote:
>
>
> daedulus@btconnect.com said:
> > RFC8573 seems clear that MD5 must not be used to effect security for NTP  but
> > this I-D imports iana-crypt-hash which allows MD5 without any  restriction,
> > so is MD5 allowed or not?
>
> "Allowed" is the key word.  Just because somebody published an RFC doesn't
> mean that all the gear out in the field will get updated.  As Harlan pointed
> out, there is a very very long tail on NTP deployments.
>
> I think it makes sense for iana-crypt-hash to include slots for historic
> items.  If nothing else, it is a good place to say "historic" or "deprecated"
> and give references to the details.
>
> If you think a Yang model should discourage using MD5, then I suggest adding
> words to say that.  Better would be to phrase things so that it also includes
> other algorithms that get kicked out of the club after the RFC is published.
> I don't know of any place that publishes an up-to-date list of crypto-hashing
> algorithms and their status.
>
> ----------
>
> I'm looking at iana-crypt-hash@2014-08-06.yang
>
> It says:
>          id | hash function | feature
>          ---+---------------+-------------------
>           1 | MD5           | crypt-hash-md5
>           5 | SHA-256       | crypt-hash-sha-256
>           6 | SHA-512       | crypt-hash-sha-512
>
> If NTP is the only use, then I'd suggest adding a deprecated note.  But I
> assume that is used by other than NTP so that may not be appropriate.  But
> maybe if MD5 is deprecated for NTP it should be deprecated for other uses too.
>  ???
>
> What happened to slots 2, 3, and 4?
>
> Existing NTP code also supports SHA-1
>
> RFC 8573 that deprecated using MD5 with NTP suggests using AES-CMAC.  Note
> that is CMAC rather than HMAC and that NTP uses it's own scheme rather than
> HMAC as described in RFC 6151.
>
> The NTPsec code supports any hash (or CMAC) algorithm that the underlying
> library from OpenSSL supports.
>
> --
> These are my opinions.  I hate spam.
>
>
>

v2.23.0 | Report a Bug | By Email