Re: [Ntp] Danny's Review (was Re: draft-ietf-ntp-roughtime-05: tag change makes implementation more complex)

Hal Murray <> Wed, 29 September 2021 00:33 UTC

Danny Mayer said:
> There is nothing to prevent me creating a protocol called SMOOTHTIME and
> throwing the ROUGHTIM value in the header to fool you. How has that made the
> protocol unambiguous? That doesn't prevent tunneling, and yes I'm familiar
> with this idea and I've seen the implementations. The only proper way to
> handle this is deep packet inspection and fingerprinting.  Nothing else
> really works.

The bad guys can construct anything.  But what about bugs or stupidity?

I've been looking at the garbage arriving at a pool server.  Some of it is 
obviously garbage. But there is a lot of stuff that is not obviously good or 

As a general policy, is it worth a bit of space in a UDP packet to simplify 
sanity checking?

Another possibility would be to add a tag for the source package.  Yes, it can 
be forged, but it would help track down abuse from buggy code.

These are my opinions.  I hate spam.
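
The kind of cheap sanity check the question above is about, as an added example that is not part of the original message or of any implementation discussed in the thread. It assumes the Roughtime draft's framing (the 8-byte ROUGHTIM value followed by a 32-bit little-endian message length) and 32-bit-aligned messages; the function names, category labels and sample datagrams are constructed for illustration.

```python
import struct
from collections import Counter

MAGIC = b"ROUGHTIM"               # header value named in the thread
HEADER = struct.Struct("<8sI")    # assumed framing: magic + LE message length


def triage(datagram: bytes) -> str:
    """Classify a UDP payload from its 12-byte header alone (no parsing)."""
    if len(datagram) < HEADER.size:
        return "too-short"
    magic, declared = HEADER.unpack_from(datagram)
    if magic != MAGIC:
        return "wrong-magic"          # other protocol, scanner noise, garbage
    if declared != len(datagram) - HEADER.size:
        return "length-mismatch"      # truncation or a buggy sender
    if declared == 0:
        return "empty"
    if declared % 4:
        return "misaligned"           # assumed: messages are 32-bit aligned
    return "plausible"                # passes the cheap check; NOT authenticated


def frame(message: bytes) -> bytes:
    """Build a well-formed frame (hypothetical helper for the samples)."""
    return HEADER.pack(MAGIC, len(message)) + message


def summarize(datagrams) -> Counter:
    """Count datagrams per triage category, e.g. for a server-side counter."""
    return Counter(triage(d) for d in datagrams)


# Constructed sample traffic, not captured from any real server.
SAMPLES = [
    frame(b"\x00" * 16),                             # well-formed frame
    b"\x23" + b"\x00" * 47,                          # NTP-shaped 48-byte packet
    b"GET / HTTP/1.1\r\n",                           # unrelated protocol
    MAGIC + struct.pack(">I", 16) + b"\x00" * 16,    # length written big-endian
    frame(b"\x00" * 16)[:20],                        # truncated in transit
    b"\x00\x01",                                     # runt
]

if __name__ == "__main__":
    for kind, n in summarize(SAMPLES).most_common():
        print(f"{kind:16} {n}")
```

A "plausible" result only says the datagram is worth parsing; as the quoted text notes, the header value can be forged, so the per-category counts are useful for spotting buggy senders rather than for trust decisions.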