[Ntp] Antwort: Re: NTS4UPTP Rev 03 - Formal request for WG adoption (SUPPORT)

kristof.teichel@ptb.de Mon, 31 May 2021 15:28 UTC

From: kristof.teichel@ptb.de
To: "Kai Heine" <ka.heine@ostfalia.de>, "NTP WG" <ntp@ietf.org>
Date: Mon, 31 May 2021 17:28:05 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/fYt3oq6_gfxoMVG0JSNV2Qn6Rj8>

Hello all,

I have a very similar stance to that of Kai here.
The WG should (to my mind) definitely discuss some security solution for PTP that is based on NTS.

As someone who is also involved in the security subcommittee of the 1588 WG, I feel that it might be important to clarify the following:
PTP has a method of transporting authentication tags in a TLV field, specified in the current standard version.
What is "missing" is a key management scheme that enables the use of those security TLVs (there are some, but I feel that one based on NTS' methods would be really nice to have).


So far, AFAIK, Heiko's draft is the only document that has actually been proposed here.
I'm sorry, but I haven't read it closely enough to judge its technical merits.
But (especially in light of recent discussions), I'm wondering what the alternative to adoption is, process-wise.

@daniel: you talk about a proposal of yours that is in competition with Heiko's draft, I believe.
Now, this might be a dumb question, but where can I find that?

There is also work from folks at Ostfalia that also has to do with using parts of NTS to do the key management for PTP security.
Once they are ready to propose it as a document here, this effort also definitely deserves consideration.


Until then, I believe I support adoption of Heiko's draft (except if there is a good argument to be made that we need to look at all candidates first and then choose one?).
The approach certainly seems to have enough merit for at least a WG-wide discussion.

I also feel that I would like to hear more people's opinions, especially more who don't have a candidate of their own in this race.


Best regards,
Kristof





-----"ntp" <ntp-bounces@ietf.org> wrote: -----
To: <ntp@ietf.org>
From: "Kai Heine"
Sent by: "ntp"
Date: 28.05.2021 15:11
Subject: Re: [Ntp] NTS4UPTP Rev 03 - Formal request for WG adoption

Hi all,

I think that there is definitely a need for security in PTP, so I am generally in favor of the WG adopting some kind of NTS-for-PTP.
I've seen that there are already multiple proposed solutions that have been presented here, each with their own discussions.

What are the principal objectives a draft would have to fulfill in order to be adopted?

Best regards,
Kai

--
Kai Heine, M.Eng.
Wissenschaftlicher Mitarbeiter
Fakultät Elektrotechnik

Ostfalia Hochschule für angewandte Wissenschaften
- Hochschule Braunschweig/Wolfenbüttel
Salzdahlumer Straße 46/48
38302 Wolfenbüttel

Tel.:     +49 5331 939 43650
Fax:      +49 5331 939 43652
E-Mail:   ka.heine@ostfalia.de
Internet: https://www.ostfalia.de/cms/de/pws/heine