Re: [Ntp] The NTP WG has placed draft-roughtime-aanchal in state "Call For Adoption By WG Issued"

Marcus Dansarie <marcus@dansarie.se> Wed, 11 September 2019 11:06 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/kUdb8awXODkfdKwmaEu_tjQoOSg>

Yes, it's becoming apparent that the draft needs to include the
motivations for the Roughtime protocol. The impression I've got about
Roughtime so far, and the reason for why I'm a proponent of it, is that
it is small, simple, and easy to implement. I view it mainly as a way
for end user applications (browsers etc.) and embedded devices of all
sorts to get a "good enough" time for bootstrapping, verifying
certificates and similar.

The ability to provide proof of malfeasance is good in situations where
the security of a system is dependent on time being accurate. Hopefully,
it will also deter any nefarious actions against users from Roughtime
server operators. For example: Someone with bad intent could set up a
pool of time servers that provides a high-quality service to almost all
users and thereby gain the trust of the community. That operator could
then misuse that trust to serve bad time to a small subset of targets
within the large user base. In this case, the target of the attack can
provide proof of this and refute the "works for me" argument from the
non-targeted users.

Kind regards,
Marcus Dansarie


On 2019-09-11 09:05, Miroslav Lichvar wrote:
> On Tue, Sep 10, 2019 at 10:30:23PM +0200, Marcus Dansarie wrote:
>> As someone (Daniel or Watson?) said in today's interim meeting: the
>> purpose of Roughtime is generally not to set the system's clock, but for
>> other purposes such as certificate verification.
> 
> It would be good to explain that in the draft. But I'm not sure how
> exactly that makes it different from NTP. An NTP client doesn't have
> to synchronize the system clock and it doesn't need any special
> privileges. There are applications that don't trust the system
> clock and use NTP to verify the current time, even though it might
> seem like a terrible idea.
> 
> If I understand it correctly, Roughtime could be specified as an NTP
> extension field, possibly as an extension to NTS. So, I think the
> document should explain why a new protocol using a different transport
> was needed. I guess one reason could be that Roughtime is easier to
> implement than NTP, especially in some specific frameworks.
>
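
The chaining idea behind the "proof of malfeasance" discussed in the message above, as an added Go example that is not part of the original post or of any Roughtime implementation: each request nonce is a hash of the previous signed reply, so replies are provably ordered, and a later reply whose time interval lies wholly before an earlier one shows that at least one signer gave a wrong time. The message layout and the names `Entry`, `Extend` and `Audit` are assumptions made for illustration; the real wire format differs.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha512"
	"fmt"
)

// Entry is one chain link in a simplified model (assumed, not the Roughtime wire format).
type Entry struct {
	Nonce, Sig, Blind []byte
	Midpoint, Radius  uint64 // microseconds
	Key               ed25519.PublicKey
}

func (e Entry) signed() []byte {
	return []byte(fmt.Sprintf("%x|%d|%d", e.Nonce, e.Midpoint, e.Radius))
}

// nonceFor derives a request nonce: SHA-512(previous signed reply || its signature || blind).
func nonceFor(chain []Entry, blind []byte) []byte {
	var prev []byte
	if n := len(chain); n > 0 {
		prev = append(chain[n-1].signed(), chain[n-1].Sig...)
	}
	h := sha512.Sum512(append(prev, blind...))
	return h[:]
}

// Extend simulates one query; the server key comes from a constructed 32-byte seed.
func Extend(chain []Entry, seed, blind []byte, mid, rad uint64) []Entry {
	priv := ed25519.NewKeyFromSeed(seed)
	e := Entry{Nonce: nonceFor(chain, blind), Blind: blind, Midpoint: mid, Radius: rad}
	e.Key, e.Sig = priv.Public().(ed25519.PublicKey), ed25519.Sign(priv, e.signed())
	return append(chain, e)
}

// Audit returns the index of the first reply that ends before an earlier one begins, else -1.
func Audit(chain []Entry) (int, error) {
	for i, e := range chain {
		if string(e.Nonce) != string(nonceFor(chain[:i], e.Blind)) || !ed25519.Verify(e.Key, e.signed(), e.Sig) {
			return -1, fmt.Errorf("entry %d: bad signature or unbound nonce", i)
		}
		for _, p := range chain[:i] {
			if e.Midpoint+e.Radius+p.Radius < p.Midpoint {
				return i, nil
			}
		}
	}
	return -1, nil
}
```

In this model the chain together with the servers' public keys is the transferable evidence: anyone can rerun `Audit` on it without trusting the client that collected it.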