Re: [Ntp] New Version Notification for draft-gruessing-ntp-ntpv5-requirements-03.txt
Danny Mayer <mayer@pdmconsulting.net> Fri, 15 October 2021 16:06 UTC
Return-Path: <mayer@pdmconsulting.net>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 183AB3A0AB0 for <ntp@ietfa.amsl.com>; Fri, 15 Oct 2021 09:06:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AMWxju7bpAep for <ntp@ietfa.amsl.com>; Fri, 15 Oct 2021 09:06:13 -0700 (PDT)
Received: from chessie.everett.org (chessie.everett.org [66.220.13.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D39FD3A0AAF for <ntp@ietf.org>; Fri, 15 Oct 2021 09:06:07 -0700 (PDT)
Received: from newusers-MBP.fios-router.home (pool-108-26-179-179.bstnma.fios.verizon.net [108.26.179.179]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by chessie.everett.org (Postfix) with ESMTPSA id 4HWB2f2tVHzMNQF; Fri, 15 Oct 2021 16:06:02 +0000 (UTC)
To: James <james.ietf@gmail.com>, Doug Arnold <doug.arnold@meinberg-usa.com>
Cc: NTP WG <ntp@ietf.org>
References: <163386015957.12424.6997038478834885480@ietfa.amsl.com> <CAO+dDx=6baLhf9LwSMvR1F0ieuLO6NXmExYLDvcCF2tgchHs8w@mail.gmail.com> <DB8PR02MB5772AC97BFE2D7C1139EFDC0CFB89@DB8PR02MB5772.eurprd02.prod.outlook.com> <E469D9A7-7445-49D9-A8A2-82BA7BF1FA27@gmail.com>
From: Danny Mayer <mayer@pdmconsulting.net>
Message-ID: <1985d4ff-d4a9-5ca3-e1b8-3d5f9a2fcc4b@pdmconsulting.net>
Date: Fri, 15 Oct 2021 12:06:01 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.14.0
MIME-Version: 1.0
In-Reply-To: <E469D9A7-7445-49D9-A8A2-82BA7BF1FA27@gmail.com>
Content-Type: multipart/alternative; boundary="------------60B501D9344ACEB8501C24A8"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/kLU3U4H3PXdKRaFKul-KNlo4pqE>
Subject: Re: [Ntp] New Version Notification for draft-gruessing-ntp-ntpv5-requirements-03.txt
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Oct 2021 16:06:23 -0000
On 10/15/21 5:27 AM, James wrote: > Doug, > Thanks for the feedback, responses inline. > >> On 15 Oct 2021, at 00:45, Doug Arnold <doug.arnold@meinberg-usa.com >> <mailto:doug.arnold@meinberg-usa.com>> wrote: >> >> Thanks James, >> I think that this is pretty close to what is needed for ntpv5. I >> like the separation of protocol and algorithms, and the use of >> monotonic timescale for timestamp fields (at least by default), and >> the insistence on security. >> I have two comments: >> 1. Why do you think that encryption should be the default mode? >> People often consider timing information to be critical but not >> secret. Also it is likely to affect accuracy in implementations by >> adding a variable delay to encrypt. > > We’ve had a few discussions on list on the subject in the past, and > the draft says: > > > Encryption and authentication MUST be provided by the protocol > specification as a default and MUST be resistant to downgrade attacks... > > To put this another way, I think the specification must provide > confidentiality as well as authentication, and that if either is > applied they cannot be removed from a connection (aka a security > downgrade) which makes authentication the minimum and doesn’t > necessarily mandate confidentiality. > > This section in particular could probably use some editing and > clarification to better explain this [1] as we’ll likely need > consensus calls made. Encryption needs to be off the table. It's not just a bad idea, it provides no benefits. Time is not a confidential matter. If you have some use cases for encryption, please state them. > >> 2. I think that it is better to allow leap smearing and make it a >> visible part of the protocol than to pretend it is not going to >> happen. On this topic I think that Miroslav’s proposal was more >> realistic. Data center network architects tell me they definitely >> plan to continue to do leap smearing. > > In other use cases such as publicly accessible NTP, leap smearing has > effectively fragmented the pools of services a given host can use as > mixing smeared and non-smeared services is not a good idea, in > addition to the start/end and cadence of smearing being inconsistent > between providers [2]. I think that having a “linear, monotonic > timescale” and leap smearing together are contradictory and so having > smearing in the wire format would requiring changing that. My proposal > doesn’t prevent smearing of a clock being synchronised, it’s about > removing the smear from the wire. > Leap seconds needs work. I have an idea to add a leap second info piece to the base packet that will not only tell you if a leap second is in progress, but also when the last one occurred and the number of leap seconds added since TAI but also if one is coming up when it will occur and the new number of leap seconds instead. In addition, if leap smearing is in progress then the type of smearing (by ID maintained by IANA). This allows a client to filter out leap smearing or type of leap smearing it doesn't want. Danny
- [Ntp] Fwd: New Version Notification for draft-gru… James
- [Ntp] Antw: [EXT] Fwd: New Version Notification f… Ulrich Windl
- Re: [Ntp] Fwd: New Version Notification for draft… Doug Arnold
- [Ntp] Antw: [EXT] Re: Fwd: New Version Notificati… Ulrich Windl
- Re: [Ntp] New Version Notification for draft-grue… James
- Re: [Ntp] New Version Notification for draft-grue… Doug Arnold
- Re: [Ntp] New Version Notification for draft-grue… Danny Mayer
- Re: [Ntp] New Version Notification for draft-grue… Salz, Rich
- Re: [Ntp] New Version Notification for draft-grue… Danny Mayer
- Re: [Ntp] New Version Notification for draft-grue… Salz, Rich
- Re: [Ntp] New Version Notification for draft-grue… Salz, Rich
- Re: [Ntp] New Version Notification for draft-grue… James
- Re: [Ntp] New Version Notification for draft-grue… James
- Re: [Ntp] New Version Notification for draft-grue… Salz, Rich
- Re: [Ntp] New Version Notification for draft-grue… Danny Mayer
- Re: [Ntp] New Version Notification for draft-grue… Hal Murray
- [Ntp] Antw: [EXT] Re: New Version Notification fo… Ulrich Windl
- [Ntp] Antw: [EXT] Re: New Version Notification fo… Ulrich Windl
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Danny Mayer
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Danny Mayer
- Re: [Ntp] New Version Notification for draft-grue… Miroslav Lichvar
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Warner Losh
- Re: [Ntp] New Version Notification for draft-grue… James
- Re: [Ntp] New Version Notification for draft-grue… Salz, Rich
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Hal Murray
- Re: [Ntp] New Version Notification for draft-grue… Miroslav Lichvar
- Re: [Ntp] New Version Notification for draft-grue… Miroslav Lichvar
- [Ntp] Antw: [EXT] Re: New Version Notification fo… Ulrich Windl
- [Ntp] Antw: Re: Antw: [EXT] Re: New Version Notif… Ulrich Windl
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Hal Murray
- [Ntp] Antw: [EXT] Re: New Version Notification fo… Ulrich Windl
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Miroslav Lichvar
- [Ntp] Antw: [EXT] Re: New Version Notification fo… Ulrich Windl
- [Ntp] Antw: [EXT] Re: New Version Notification fo… Ulrich Windl
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Ulrich Windl
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Miroslav Lichvar
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Miroslav Lichvar
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Warner Losh
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Tony Finch
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Danny Mayer
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Danny Mayer
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Warner Losh
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Tony Finch
- [Ntp] Antw: Re: Re: Antw: [EXT] Re: New Version N… Ulrich Windl
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Miroslav Lichvar
- [Ntp] Antw: Re: Antw: [EXT] Re: New Version Notif… Ulrich Windl
- Re: [Ntp] New Version Notification for draft-grue… Dieter Sibold
- Re: [Ntp] New Version Notification for draft-grue… kristof.teichel
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Hal Murray
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Martin Burnicki
- [Ntp] Antw: Re: Antw: [EXT] Re: New Version Notif… Ulrich Windl
- Re: [Ntp] New Version Notification for draft-grue… Hal Murray
- Re: [Ntp] New Version Notification for draft-grue… kristof.teichel
- Re: [Ntp] Antw: Re: Antw: [EXT] Re: New Version N… Martin Burnicki
- Re: [Ntp] New Version Notification for draft-grue… Doug Arnold
- Re: [Ntp] Antw: Re: Antw: [EXT] Re: New Version N… Doug Arnold
- Re: [Ntp] New Version Notification for draft-grue… kristof.teichel
- Re: [Ntp] Antw: [EXT] Re: New Version Notificatio… Danny Mayer
- Re: [Ntp] New Version Notification for draft-grue… Danny Mayer
- Re: [Ntp] New Version Notification for draft-grue… James
- [Ntp] Antwort: Re: New Version Notification for d… kristof.teichel
- [Ntp] Antwort: Re: Antw: [EXT] Re: New Version No… kristof.teichel
- Re: [Ntp] Antwort: Re: New Version Notification f… Doug Arnold
- Re: [Ntp] Antwort: Re: New Version Notification f… Danny Mayer
- Re: [Ntp] New Version Notification for draft-grue… Steve Allen
- Re: [Ntp] Antw: Re: Antw: [EXT] Re: New Version N… Hal Murray
- [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: New Ver… Ulrich Windl
- [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: New Ver… Ulrich Windl
- Re: [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: New… Martin Burnicki
- Re: [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: New… Martin Burnicki
- Re: [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: New… Martin Burnicki
- Re: [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: New… Danny Mayer
- Re: [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: New… Martin Burnicki
- [Ntp] Antw: Re: Antw: Re: Antw: Re: Antw: [EXT] R… Ulrich Windl
- Re: [Ntp] Antw: Re: Antw: Re: Antw: [EXT] Re: New… Doug Arnold
- Re: [Ntp] [EXTERNAL] Re: Antw: Re: Antw: Re: Antw… Denis Reilly
- Re: [Ntp] [EXTERNAL] Re: Antw: Re: Antw: Re: Antw… Doug Arnold
- Re: [Ntp] [EXTERNAL] Re: Antw: Re: Antw: Re: Antw… Martin Burnicki
- Re: [Ntp] changes in length of day, was Re: New V… Tony Finch
- [Ntp] Antw: Re: [EXTERNAL] Re: Antw: Re: Antw: Re… Ulrich Windl