Re: [Ntp] WGLC comments on draft-ietf-ntp-using-nts-for-ntp-14

Marcus Dansarie <marcus@dansarie.se> Mon, 19 November 2018 21:07 UTC

Sender: Marcus Dansarie <marcus.dansarie.nilsson@gmail.com>
From: Marcus Dansarie <marcus@dansarie.se>
To: ntp@ietf.org
References: <db984964-799a-4c06-ceaa-ca96e9ba5d3b@dansarie.se>
Openpgp: preference=signencrypt
Message-ID: <fdf553a3-ae9a-2eeb-248a-2fccbde6f33e@dansarie.se>
Date: Mon, 19 Nov 2018 22:07:11 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <db984964-799a-4c06-ceaa-ca96e9ba5d3b@dansarie.se>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/i_vrO33I4pUx9l-TjkZ1GZcMyNo>
Subject: Re: [Ntp] WGLC comments on draft-ietf-ntp-using-nts-for-ntp-14

All,

I spent some time this weekend thinking some more about
draft-ietf-ntp-using-nts-for-ntp-14, so here's a reply to myself with
some more points. The large number of points may seem like harsh
criticism of the draft, but that is not my intent. The draft is good,
well written and a result of the hard work of everyone involved.

* The security of many other network protocols depends on having a
correct perception of time. For that reason, NTP is very attractive as
an attack vector. Table I in [1] contains a summary of protocols that
depend on correct time for security. I would also like to recommend
reading [1] in its entirety as it contains a good summary of attacks on
current NTP, many of which NTS seeks to prevent.

* The security of NTS is entirely dependent on the client correctly
verifying the KE-server's certificate and trust chain. This is made
clear in Section 9.3, but I believe it is important enough that Section
3 needs to contain a reference there. It could read something like: "All
implementations are REQUIRED to implement the measures described in
Section 9.3, as this is critical to the security of the protocol."
Furthermore, I think Section 9.3 should have mandatory requirements for
certificate verification. At the very least, this would have a MUST for
following the requirements in RFC 5280 and RFC 6125. There are some
other measures that could be added as well, such as requiring clients to
perform OCSP checking (though there could be privacy implications to
this) or strictly verifying the OCSP Must Staple flag if it is present.
"Initial" should also be removed from the heading of Section 9.3.

* If we settle on TLS 1.2 as the minimum requirement, we should only
allow perfect forward secrecy (PFS) suites to be negotiated in the TLS
handshake. Otherwise, the loss of a certificate private key could
theoretically compromise all keys that have been negotiated using that
certificate. In the worst case, this could be active NTS keys belonging
to thousands (or more!) of clients.

* NTS implementations could be vulnerable to "NTS stripping" attacks,
where an attacker fools clients into reverting to plain NTP. Section 9
should contain guidance on this. A naive NTS implementation might try to
connect to the NTS-KE port at the NTP server's address and simply revert
to plain NTP upon handshake or connection failure. This would be easy
for a MITM attacker to exploit. Having the user explicitly mark a server
as NTS compatible is an obvious mitigation. Another would be to forbid
clients from performing unprotected NTP time synchronization with a
server it has successfully performed NTS-protected synchronization with,
at least for a certain amount of time (cf. HSTS).

A more sophisticated attack would be a MITM attacker sending
kiss-o'-death packets to the client, forcing it to reperform the NTS-KE
handshake in a way that fails. It is important that clients do not
revert to plain NTP here, but instead follow the draft: "As long as the
NTS-KE handshake has not succeeded, the client SHOULD continue polling
the NTP server using the cookies and parameters it has." This could also
be used by an attacker with a forged or stolen certificate to force an
NTS key renegotiation using that certificate.

* In reference to the previous point, we should consider public key
pinning as a way for servers to protect against MITM attacks with forged
certificates. The equivalent for HTTPS (HPKP) is specified by RFC 7469.
This would require adding new record types to the NTS-KE protocol.

The argument against key pinning in NTS is that very few NTP server
administrators are likely to want or need this feature and that this
does not warrant further protocol complexity. Public key pinning is also
a double-edged sword in that administrator mistakes can cause long-term
service unavailability for large numbers of users. This has happened on
so many occasions that HPKP has been deprecated in the Google Chrome
browser. (Google still pins their own certificates in Chrome though.)

* The canonical way of configuring NTS is for the user to explicitly set
the address of an NTS-KE server in his or her client. I believe this is
a good idea in general. However, there is currently no way for someone
who is using an NTP server to find out if it supports NTS or the address
of its NTS-KE server. It is obviously possible to try to perform an
NTS-KE handshake with the same address as the NTP server, but this will
only work in cases where the NTP and NTS-KE servers share an IP address.
My suggestion for this is that we use DNS SRV records to enable clients
to find the NTS-KE server associated with a certain NTP server. The
record for ntp.example.com would look something like this:
_ntske._tcp.ntp.example.com. 86400 IN SRV 10 10 [[TBD1]] nts.example.com.
where [[TBD1]] should be replaced with the port number assigned for
NTS-KE. SRV records will also enable transition to NTS without any user
interaction when support for NTS is implemented in NTP clients.

* In Section 5.7, the paragraphs

"To protect the client's privacy, the same cookie SHOULD NOT be included
in multiple requests.  If the client does not have any cookies that it
has not already sent, it SHOULD initiate a re-run the NTS-KE protocol."

and

"The client MAY reuse cookies in order to prioritize resilience over
unlinkability.  Which of the two that should be prioritized in any
particular case is dependent on the application and the user's
preference.  Section 10.1 describes the privacy considerations of this
in further detail."

should be moved together for obvious reasons. Currently, one is in the
beginning of the section and the other at the end.

* Missing word in the abstract: The sentence that begins with "The
second handles encryption and authentication during NTP time via
extension [...]" should be "The second handles encryption and
authentication during NTP time synchronization via extension [...]".

Kind regards,
Marcus Dansarie

[1] Malhotra, Aanchal, et al. "Attacking the Network Time Protocol."
NDSS. 2016. <https://ia.cr/2015/1020>