Re: [Ntp] Danny's Review (was Re: draft-ietf-ntp-roughtime-05: tag change makes implementation more complex)

JP Sugarbroad <taralx@gmail.com> Wed, 29 September 2021 16:17 UTC

References: <CAGZkp1-ZCuSvMyQyWCnE511O8-WL=OXfsTdraKsByMmWC3spVA@mail.gmail.com> <CACsn0ckZmR=k2NAmdyhVOA=V_XQ18AnBUBSTOu+bDXS1YsPpUg@mail.gmail.com> <CAGZkp18eASaF7qvubYpDgzvg643ZXuPwDs9qsiC1P_AVLcywLA@mail.gmail.com> <CACsn0cnjHFwxHT13nMavRFzRteWJ=SORY8v4RCZjdjYP0H3oaw@mail.gmail.com> <7dde7eb3-4dc7-94d3-e63a-6d5d0736b1c2@pdmconsulting.net> <54baf1fa-b138-4eb8-6f4e-99168cf2db7b@dansarie.se> <0a95d35f-f708-4a3c-4ecf-77597c42a7a4@pdmconsulting.net> <CACsn0c=gdQWDumfzeHYYWzXPV4sz4J9mTUtYW+4=KueaHHbGdQ@mail.gmail.com> <79dfd56c-54e8-8b85-ed9d-da9fac71d1f1@pdmconsulting.net> <c95eaafb-f294-a54e-d495-0cf74e574686@pdmconsulting.net> <CACsn0cmks2fdwem1rS+QNzCL1WhNR4890Fi1zpjQrL=E3Y=3fQ@mail.gmail.com> <684af837-0713-9293-168b-8b140bf15d22@pdmconsulting.net> <CAGZkp183CgJJOd5O5dDdeKtAzgCobwBzpZe3ixBWJ-ZLQXB6bg@mail.gmail.com> <edee8b51-47b4-3a33-436e-b235fdcf6b99@pdmconsulting.net> <981D597A-2484-47C9-AA99-F95E6623F51D@akamai.com> <aba9eb26-31dd-2a6e-2146-9e271c90a9ab@pdmconsulting.net>
In-Reply-To: <aba9eb26-31dd-2a6e-2146-9e271c90a9ab@pdmconsulting.net>
From: JP Sugarbroad <taralx@gmail.com>
Date: Wed, 29 Sep 2021 09:16:38 -0700
Message-ID: <CAGZkp1_3bHh3aOvhE7-yhWWVf=+uGx08g61w2qtaj+ao30=tCA@mail.gmail.com>
To: Danny Mayer <mayer@pdmconsulting.net>
Cc: "Salz, Rich" <rsalz@akamai.com>, Watson Ladd <watsonbladd@gmail.com>, NTP WG <ntp@ietf.org>, Marcus Dansarie <marcus@dansarie.se>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/l5pBPDdPbolTaySHykq-UcutmHQ>
Subject: Re: [Ntp] Danny's Review (was Re: draft-ietf-ntp-roughtime-05: tag change makes implementation more complex)

On Wed, Sep 29, 2021, 08:12 Danny Mayer <mayer@pdmconsulting.net> wrote:

> Can you point to an existing RFC where the protocol name is in the header?
> Is there something useful about it that the security folks think it would
> be a good addition? Any other references to make sense of this?
>

HTTP 1.0, SSH, SMTP, etc. And for UDP there's a whole RFC about how to
distinguish different protocols because they don't do this.

The security problem is when an attacker can direct an honest
implementation of one protocol to send traffic to an honest implementation
of a different protocol and get unexpected results. Self-identified
protocols don't have this problem.

It's not the only solution, but it is the easiest. And 8 bytes is really
nothing when we have to pad to 1k anyway to avoid amplification attacks.

- JP
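The two checks JP describes above, a self-identifying 8-byte protocol header and a minimum request size to keep the server from acting as an amplifier, as an added example that is not part of the original message and not code from any Roughtime implementation or the draft. The identifier value `EXAMPLE1`, the exact 1024-byte floor, the request layout, and the sample datagrams are all constructed here for illustration; the draft defines its own constant and layout.

```python
"""Self-identifying UDP datagrams plus an amplification guard (added example).

Constructed assumptions: PROTOCOL_ID is a placeholder, not the draft's constant;
MIN_REQUEST_SIZE takes the "pad to 1k" figure from the thread as an exact floor;
the request layout (id, nonce length, nonce, padding) is invented for the demo.
"""
import struct

PROTOCOL_ID = b"EXAMPLE1"   # constructed 8-byte placeholder identifier
MIN_REQUEST_SIZE = 1024     # constructed floor; real responses must not exceed it


def classify_request(datagram: bytes) -> str:
    """Decide what a server should do with an incoming datagram.

    Order matters for cost, not correctness: the size check is a length
    comparison and rejects the cheapest abuse (a tiny request eliciting a
    ~1 KiB reply) before any parsing happens.
    """
    if len(datagram) < MIN_REQUEST_SIZE:
        return "drop: below minimum size (amplification guard)"
    # A datagram that does not start with our identifier was produced by an
    # honest implementation of some other protocol (or is garbage). Rejecting
    # it here means its bytes are never interpreted as one of our messages.
    if datagram[:len(PROTOCOL_ID)] != PROTOCOL_ID:
        return "drop: not addressed to this protocol"
    return "accept"


def build_request(nonce: bytes, extra: bytes = b"") -> bytes:
    """Build a well-formed request: id, nonce length, nonce, zero padding to 1 KiB."""
    body = PROTOCOL_ID + struct.pack("<I", len(nonce)) + nonce + extra
    return body.ljust(MIN_REQUEST_SIZE, b"\x00")


def parse_request(datagram: bytes) -> bytes:
    """Return the nonce from an accepted request; raise on anything else."""
    verdict = classify_request(datagram)
    if verdict != "accept":
        raise ValueError(verdict)
    off = len(PROTOCOL_ID)
    (nonce_len,) = struct.unpack_from("<I", datagram, off)
    off += 4
    if off + nonce_len > len(datagram):
        raise ValueError("drop: truncated nonce")
    return datagram[off:off + nonce_len]


# Constructed sample traffic (not captured from any live service):
# an NTPv4 client packet (first byte 0x23 = LI 0, VN 4, mode 3) with no
# self-identification at all, so it is only recognisable by its shape.
NTP_LIKE = bytes([0x23]) + b"\x00" * 47
# A padded datagram from a different self-identifying protocol.
OTHER_PROTOCOL = b"OTHERPRO" + b"\x00" * (MIN_REQUEST_SIZE - 8)
# A proper request with a 32-byte nonce.
GOOD_REQUEST = build_request(b"\xab" * 32)


def demo() -> dict:
    """Run the classifier over the constructed samples."""
    return {
        "ntp_like": classify_request(NTP_LIKE),
        "other_protocol": classify_request(OTHER_PROTOCOL),
        "good_request": classify_request(GOOD_REQUEST),
        "nonce_len": len(parse_request(GOOD_REQUEST)),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The point the example makes is the one in the thread: without the identifier, the only way to tell the 48-byte NTP-like packet apart from a misdirected request is heuristics on its shape, whereas with the identifier the decision is a fixed-offset byte comparison, and the size floor costs the client nothing because it has to pad anyway.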
