[Ntp] Antwort: Re: NTS4UPTP Rev 03 - Formal request for WG adoption (SUPPORT)

[kristof.teichel@ptb.de]

Hello all,

I have a very similar stance to that of Kai here.

The WG should (to my mind) definitely discuss some security solution for PTP that is based on NTS.

As someone who is also involved in the security subcommittee of the 1588 WG, I feel that it might be important to clarify the following:

PTP has a method of transporting authentication tags in a TLV field, specified in the current standard version.

What is "missing" is a key management scheme that enables the use of those security TLVs (there are some, but I feel that one based on NTS' methods would be really nice to have).

So far, AFAIK, Heiko's draft is the only document that has actually been proposed here.

I'm sorry, but I haven't read it closely enough to judge its technical merits.

But (especially in light of recent discussions), I'm wondering what the alternative to adoption is, process-wise.

@daniel: you talk about a proposal of yours that is in competition with Heiko's draft, I believe.

Now  this might be a dumb question, but where can I find that?

There is also work from folks at Ostfalia, that also has to do with using parts of NTS to do the key management for PTP security.

Once they are ready to propose it as a document here, this effort also definitely deserves consideration.

Until then, I believe I support adoption of Heiko's draft (except if there is a good argument to be made that we need to look at all candidates first and then choose one?).

The approach certainly seems to have enough merit for at least a WG-wide discussion.

I also feel that I would like to hear more people's opinions, especially more who don't have a candidate of their own in this race.

Best regards,

Kristof

-----"ntp" <ntp-bounces@ietf.org> schrieb: -----

An: <ntp@ietf.org>
Von: "Kai Heine"
Gesendet von: "ntp"
Datum: 28.05.2021 15:11
Betreff: Re: [Ntp] NTS4UPTP Rev 03 - Formal request for WG adoption

Hi all,

I think that there is definitely a need for security in PTP, so I am generally in favor of the WG adopting some kind of NTS-for-PTP.
I've seen that there are already multiple proposed solutions that have been presented here, each with their own discussions.

What are the principal objectives a draft would have to fulfill in order to be adopted?

Best regards,
Kai

--

Kai Heine, M.Eng.
Wissenschaftlicher Mitarbeiter
Fakultät Elektrotechnik

Ostfalia Hochschule für angewandte Wissenschaften
- Hochschule Braunschweig/Wolfenbüttel
Salzdahlumer Straße 46/48
38302 Wolfenbüttel

Tel.:     +49 5331 939 43650
Fax:      +49 5331 939 43652
E-Mail:   ka.heine@ostfalia.de
Internet: https://www.ostfalia.de/cms/de/pws/heine" rel="nofollow">https://www.ostfalia.de/cms/de/pws/heine

_______________________________________________
ntp mailing list
ntp@ietf.org
https://www.ietf.org/mailman/listinfo/ntp" rel="nofollow">https://www.ietf.org/mailman/listinfo/ntp