[Ntp] Circular dependencies

Watson Ladd <watsonbladd@gmail.com> Wed, 11 November 2020 17:30 UTC

From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 11 Nov 2020 09:21:45 -0800
Message-ID: <CACsn0c=Xu31KyHu8+uq+fKBMVRt+YaJGZCfSn2ph1WXfm2atHw@mail.gmail.com>
To: NTP WG <ntp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/ezBHgK9wyHrfhsExDO1FEkPXsVY>
Subject: [Ntp] Circular dependencies

Dear NTP WG,

I just realized there is a mailing list bug report that's a lot more
interesting than it seems. They have a DNSSEC-validating resolver and
were using an NTP daemon to set the clock (and the RTC was busted). But
the time is needed to verify liveness of the signatures for DNSSEC to
validate, and without it the names don't resolve, including the NTP
server names.

This is probably a bigger issue with NTS, as certs with IP addresses
are harder to get. Roughtime can use its own keys, but does still rely
on the DNS often, so it won't necessarily be a solution. Any ideas?

Sincerely,
Watson Ladd
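
The loop described in the message above, as an added example that is not part of the original post: a constructed model in which the RRSIG validity-window check (RFC 4034 section 3.1.5, compared with RFC 1982 serial arithmetic) gates resolution of the NTP server name. The `Host` class, `boot` function, address and signature window are assumptions made for illustration.

```python
MOD, HALF = 2 ** 32, 2 ** 31   # RRSIG times are 32-bit seconds (RFC 4034 3.1.5)


def serial_lt(a, b):
    """RFC 1982 serial-number 'a < b' for 32-bit values."""
    return a % MOD != b % MOD and ((b - a) % MOD) < HALF


def rrsig_time_valid(now, inception, expiration):
    """True when inception <= now <= expiration in serial arithmetic."""
    return not serial_lt(now, inception) and not serial_lt(expiration, now)


class Host:
    """Hypothetical host: validating resolver plus NTP client configured by name."""

    def __init__(self, clock, rrsig_window):
        self.clock = clock                # seconds since the Unix epoch
        self.rrsig_window = rrsig_window  # (inception, expiration) on the NTP name

    def resolve_ntp_name(self):
        # A validating resolver treats a signature outside its window as bogus,
        # so the lookup fails instead of returning an address.
        if not rrsig_time_valid(self.clock, *self.rrsig_window):
            return None
        return "192.0.2.123"              # constructed documentation address

    def ntp_sync(self, true_time):
        if self.resolve_ntp_name() is None:
            return False                  # no address, so no time source
        self.clock = true_time
        return True


# Constructed values: a signature valid for two weeks around the message date.
TRUE_TIME = 1605115305                  # 2020-11-11 17:21:45 UTC
WINDOW = (TRUE_TIME - 7 * 86400, TRUE_TIME + 7 * 86400)


def boot(initial_clock, attempts=3):
    """True if the clock gets set within `attempts` tries."""
    host = Host(initial_clock, WINDOW)
    return any(host.ntp_sync(TRUE_TIME) for _ in range(attempts))


if __name__ == "__main__":
    print("RTC at epoch:", boot(0))
    print("RTC one hour slow:", boot(TRUE_TIME - 3600))
```

Retrying does not help the host whose clock starts outside the signature window, because nothing in the loop can move the clock until a name resolves.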