Re: [ntpwg] call for adoption (draft-dfranke-ntp-data-minimization)
Miroslav Lichvar <mlichvar@redhat.com> Wed, 29 March 2017 09:41 UTC
On Mon, Mar 27, 2017 at 04:50:42PM -0400, Daniel Franke wrote:
> Regardless of your opinion of OpenNTPD design choices, the facts
> remain that it's in wide deployment and sets the precision field to
> zero. Those facts alone make it a good choice for standardization
> since:
>
> 1. Matching an existing implementation leads to one less opportunity
> for fingerprinting.

I'm not sure how much that really helps. Even if other implementations
sent packets looking exactly like those from openntpd, the timing of
the packets would still be different. An observer can easily tell if
it's openntpd, busybox (which is based on openntpd), ntpd, chrony, or
something else, without actually looking at the values in the packets.

The fixed one-second timer in ntpd not only helps with fingerprinting
the implementation, it can also be very useful for fingerprinting
individual ntpd instances as they send requests at the same sub-second
fraction.

A specification of how exactly the timing for a given poll interval
should look (e.g. its distribution and granularity) might help.
However, adjustments of the polling interval that clients normally do
to adapt to the stability of the clock and network could still be
useful for fingerprinting. Suggesting a constant polling interval for
all NTP clients on the Internet would probably not be a good idea.

> 2. Existing widespread use of this value means we can be confident it
> won't break anything.

32 is not as common as 0, but it is used too. Another large precision
that I often see is 118. I've no idea where that comes from.

-- 
Miroslav Lichvar
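The sub-second-fraction point in the message above, as an added example that is not part of the original post and not code from ntpd or any other NTP implementation: a self-check that measures how tightly a client's own transmit times cluster on one sub-second fraction. The schedulers, the +/-0.5 s jitter, the 0.9 threshold and the start timestamp are constructed assumptions, not values from the draft.

```python
import cmath
import math
import random

def fixed_timer_schedule(start, poll_s, count):
    """Transmit times driven by a one-second tick: every interval is a whole
    number of seconds, so the sub-second fraction of `start` never changes."""
    return [start + k * poll_s for k in range(count)]

def jittered_schedule(start, poll_s, count, rng):
    """Transmit times where each interval is poll_s plus a uniform offset in
    [-0.5, 0.5] s (assumed jitter; it redraws the sub-second phase each poll)."""
    times, t = [], start
    for _ in range(count):
        times.append(t)
        t += poll_s + rng.uniform(-0.5, 0.5)
    return times

def phase_concentration(times):
    """Mean resultant length of the sub-second fractions on the unit circle.
    1.0 means every request left at the same fraction; near 0 means spread out.
    The circular form handles fractions that straddle the 0.999 -> 0.000 wrap."""
    vecs = [cmath.exp(2j * math.pi * (t % 1.0)) for t in times]
    return abs(sum(vecs) / len(vecs))

def leaks_stable_phase(times, threshold=0.9):
    """True when the schedule exposes a stable per-instance sub-second phase
    (threshold is an assumed cut-off for this example)."""
    return phase_concentration(times) >= threshold

def compare(seed=1, poll_s=64, count=200):
    """Return (fixed, jittered) concentration for a constructed start time."""
    start = 1490780475.371  # constructed sample timestamp
    fixed = fixed_timer_schedule(start, poll_s, count)
    jittered = jittered_schedule(start, poll_s, count, random.Random(seed))
    return phase_concentration(fixed), phase_concentration(jittered)

if __name__ == "__main__":
    fixed_r, jittered_r = compare()
    print(f"fixed one-second timer: R = {fixed_r:.3f}")
    print(f"jittered intervals:     R = {jittered_r:.3f}")
```

Feeding `phase_concentration` the transmit timestamps logged by a real client gives the same measure for that client's actual schedule.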