Re: [Ntp] Roman Danyliw's No Objection on draft-ietf-ntp-chronos-20: (with COMMENT)
Neta R S <neta.r.schiff@gmail.com> Sat, 15 July 2023 03:09 UTC
Return-Path: <neta.r.schiff@gmail.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80157C151092; Fri, 14 Jul 2023 20:09:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.094
X-Spam-Level:
X-Spam-Status: No, score=-7.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id coTzAfzsL_l5; Fri, 14 Jul 2023 20:09:19 -0700 (PDT)
Received: from mail-wr1-x436.google.com (mail-wr1-x436.google.com [IPv6:2a00:1450:4864:20::436]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89024C151091; Fri, 14 Jul 2023 20:09:19 -0700 (PDT)
Received: by mail-wr1-x436.google.com with SMTP id ffacd0b85a97d-316f4abb1e1so180165f8f.3; Fri, 14 Jul 2023 20:09:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1689390558; x=1691982558; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=2kJBN0KBIM4LvlWGB7JdUXUFwnHZN9EzRGqJ90/vSLk=; b=XSnuilkgtkV4cDB1oe8B+KutA2DOisrBwcNHFG4oqhyao/Y4YiiQpyHnUE5WAUGuja lc0sOqygFwwb4pVkq5zbWM42yDOhjimJMTmRzMBjxd27lxtnSfqdNfGLCiLl/GADozGC 12vQTpq7WIw8jrKoTFXwQQZ6ODxTsEjcgHVW8/zawZtNR5G8IL8qQyQZL98pOSkeT9fN NVjelWdh61s2OUOsNA6o3J8QfPkOcuZhhZ89esRELdo1Bmy2u83PVmeuon1xSiON6kj1 IxXv/nWLztB26N6SyqnJrfOR/K2KUIq+R51YZ5LZHOQAQc6MlOz89GaFA9NsUJN1ntMW uJ7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689390558; x=1691982558; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=2kJBN0KBIM4LvlWGB7JdUXUFwnHZN9EzRGqJ90/vSLk=; b=RQpZKVtVAx2uiezFhh2UOeI3GV63aJ5e/JzIoEFdzCNd4RUMAKq40tQfESL77WqRef qJdA816hRw5Fm+9eb8emsMCO9fIyL9bAezILCzInbk14EklRGfCvolINX73U2ahszoam c7TZ1H+mXU+FDIzU/B+JmwhKgGdKgKKgJnq8lDv5K1cyhCcVRrfk7lxmpnNDADrvGZF2 q1OHWt5Whsdg88uKPwbrFDqKKd5ieTv/vVZrVoVxLLBUEIXfX+nz2nIuVXZEf3qNyFza A2bdCWukeXC9Jmn9HbTGx9s0790TPPKdOOiPS1o1Wr9POHC/1VlMT0bm5UkjmyxQ7N0Q F5jQ==
X-Gm-Message-State: ABy/qLYI+lfylqcpaxRtC77Gy1Z2/AyYrsVffrJgfuJ/Os8dSCaFRbg4 lkQ9tL9ZHIlgoaCnJpDcDvOzamLo5/84ynkl4fol27CJUTynWs2/
X-Google-Smtp-Source: APBJJlF34CyRymcmJ+y6jZaNNYn388vwA6df3A+osWxMj62E7rdE8EtEDuwIF/zPoRL85lJrLyCl819yOfuTanZDcRo=
X-Received: by 2002:a5d:604f:0:b0:315:9c3a:43c3 with SMTP id j15-20020a5d604f000000b003159c3a43c3mr5145326wrt.15.1689390557737; Fri, 14 Jul 2023 20:09:17 -0700 (PDT)
MIME-Version: 1.0
References: <168918977844.34874.4932573188724499998@ietfa.amsl.com>
In-Reply-To: <168918977844.34874.4932573188724499998@ietfa.amsl.com>
From: Neta R S <neta.r.schiff@gmail.com>
Date: Fri, 14 Jul 2023 23:09:07 -0400
Message-ID: <CAM-HxCPjMiAAfL3COHsVd=c5uDYatsfLVNai+pzMKwRq-akQsw@mail.gmail.com>
To: Roman Danyliw <rdd@cert.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-ntp-chronos@ietf.org, ntp-chairs@ietf.org, ntp@ietf.org, dsibold.ietf@gmail.com, odonoghue@isoc.org
Content-Type: multipart/alternative; boundary="00000000000014b7e906007de488"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/jtjYBDxOTAmPVapH-_feU_Q0a-Y>
Subject: Re: [Ntp] Roman Danyliw's No Objection on draft-ietf-ntp-chronos-20: (with COMMENT)
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Jul 2023 03:09:23 -0000
Hi Roman, Thanks for your feedback. Please see me reply below (in blue). Thanks, Neta On Wed, Jul 12, 2023 at 3:22 PM Roman Danyliw via Datatracker < noreply@ietf.org> wrote: > Roman Danyliw has entered the following ballot position for > draft-ietf-ntp-chronos-20: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-ntp-chronos/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thank you to Benjamin M. Schwartz’s SECDIR review. > > I support Paul Wouter’s DISCUSS position. > > ** Per the document status, was there WG discussion on making this document > experimental status instead of informational? I don’t have a sense of how > much > field validation there is of this approach. > As this comment was previously answered, I quote here my co-author’s answer: “There was quite a bit of discussion in the NTP working group about whether the document should be informational or experimental, and the decision was to proceed with information. We believe that "informational" fits this draft for two reasons: firstly, an experimental evaluation was performed by the authors, and contributed to how Khronos is currently defined, and secondly, Khronos can be implemented without affecting or compromising interoperability with existing NTPv4 implementations. While the NTF implementation is in progress, we believe it should not affect the intended status of the current document.” > > > ** IDnits reported: > == Unused Reference: 'RFC2119' is defined on line 560, but no explicit > reference was found in the text > Thanks, I removed it. > > ** I don’t fully understand what a “watchdog” is. It would be helpful to > clarify what is being described and the notional implementation mechanism. > I added clarification in the introduction that a watchdog is simply a background monitoring application. In our case it guards against time shifting attacks. > > -- is “Khronos” an algorithm and this is guidance to NTP client > implementers? > Is there a “Khronos application” and an unmodified “NTP application”? > > -- Is there any interoperability being described here? > > -- Per Warren’s ballot, when “Khronos” detects malfeasance, how does it > interact with OS or what new behavior does it introduce to a NTP client? > Khronos is an algorithm designed by this draft to be implemented alongside any given NTP client (such as NTPv4). Khronos implementation should be capable of monitoring the local time in a machine and if needed fixing it. We leave this as implementation detail whether any specific implementation adaptations are required to pair Khronos with a given NTP client in different operating systems. > > > ** Section 3. > Based on > empirical analyses, to minimize the load on NTP servers while > providing high security, the Khronos poll interval should be around > 10 times the NTPv4 poll interval > > Since the guidance is “should be around 10 times”, when would you deviate > from > “10 times”? A value of “10 times NTP interval” was provided assuming the NTP poll interval is within its default range. > > ** Section 3.1 > Calibration is performed at the first time the Khronos is executed, > and also periodically, once in a long time (e.g., every few weeks/ > months). > > “Every few weeks” to “months” seems like a large spread of time. What > guides > the calibration window? > In general, the smaller this interval the more up to date entries will be in the local pool, but the few hundreds of DNS queries to the pool address will be performed at a higher rate. In the example provided in section 3.1, it is explained that setting it to one month will result in at most 10 DNS queries per day. > > ** Section 3.2. > Note that the randomness of the > server selection is crucial for the security of the scheme and > therefore any Khronos implementation should use secure randomness > implementation such as used for encryption key generation. > > If “randomness of the server selection is crucial”, why isn’t it mandatory > for > Khronos implementations to use a secure randomness implementation? > Specification s/implementations should use/implementations must use/ > Thanks, I fixed it.
- [Ntp] Roman Danyliw's No Objection on draft-ietf-… Roman Danyliw via Datatracker
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Neta R S
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Danny Mayer
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Neta R S
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Roman Danyliw
- Re: [Ntp] Roman Danyliw's No Objection on draft-i… Neta R S