Re: [Ntp] WGLC: draft-ietf-ntp-refid-updates (Network Time Protocol REFID Updates)
Miroslav Lichvar <mlichvar@redhat.com> Wed, 05 December 2018 17:37 UTC
Return-Path: <mlichvar@redhat.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2737E130E71 for <ntp@ietfa.amsl.com>; Wed, 5 Dec 2018 09:37:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hGepxUeCmgDe for <ntp@ietfa.amsl.com>; Wed, 5 Dec 2018 09:37:09 -0800 (PST)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB86B130E4A for <ntp@ietf.org>; Wed, 5 Dec 2018 09:37:09 -0800 (PST)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 5CA533082129 for <ntp@ietf.org>; Wed, 5 Dec 2018 17:37:09 +0000 (UTC)
Received: from localhost (holly.tpb.lab.eng.brq.redhat.com [10.43.134.11]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D30AC5C5FD for <ntp@ietf.org>; Wed, 5 Dec 2018 17:37:08 +0000 (UTC)
Date: Wed, 05 Dec 2018 18:36:54 +0100
From: Miroslav Lichvar <mlichvar@redhat.com>
To: ntp@ietf.org
Message-ID: <20181205173654.GC28938@localhost>
References: <233E3DDE-C85D-495B-8052-AE2DCDAE925B@isoc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <233E3DDE-C85D-495B-8052-AE2DCDAE925B@isoc.org>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Wed, 05 Dec 2018 17:37:09 +0000 (UTC)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/oFdxzP5tmJ2Wh8v9Y3S_hrPs47I>
Subject: Re: [Ntp] WGLC: draft-ietf-ntp-refid-updates (Network Time Protocol REFID Updates)
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Dec 2018 17:37:12 -0000
On Tue, Nov 06, 2018 at 09:05:19PM +0000, Karen O'Donoghue wrote: > > Folks, > > This message initiates a three plus week working group last call for: > > Network Time Protocol REFID Updates > https://datatracker.ietf.org/doc/draft-ietf-ntp-refid-updates/ This document was started a long time ago and it had some nice improvements, but I'm still not sure the proposed changes are worth the problems they would cause. This was discussed many times before, so just a quick summary of the issues I see: The proposed IPv6 refid is not compatible with RFC 5905. This will cause issues between new and old implementations. We can discuss what impact these issues would really have, but they do exist. Shrinking the refid space for IPv6 to 24 bits will make collisions between IPv6 addresses more likely. There are public servers with IPv6 addresses that didn't collide before, but would collide with the proposed change. I don't see a point in avoiding collisions between IPv6 and IPv4 addresses, when the total number of collisions would be much larger. The NOT-YOU refid may have some small security benefits, but it breaks existing use cases of the field. For example, an NTP client can reject servers that are synchronized to another server used by the client (e.g. A => C and A => B => C). Hiding the refid will prevent this. The refid field is useful for debugging. For example, it allows us to find a small group of servers in a larger group that spreads wrong information about leap seconds. I think that the time source of a server shouldn't be secret, at least with public servers, and that's where the NOT-YOU refid would probably be most useful for security. I'm conflicted on this. -- Miroslav Lichvar
- [Ntp] WGLC: draft-ietf-ntp-refid-updates (Network… Karen O'Donoghue
- Re: [Ntp] WGLC: draft-ietf-ntp-refid-updates (Net… Tal Mizrahi
- Re: [Ntp] WGLC: draft-ietf-ntp-refid-updates (Net… Salz, Rich
- Re: [Ntp] WGLC: draft-ietf-ntp-refid-updates (Net… Miroslav Lichvar
- Re: [Ntp] WGLC: draft-ietf-ntp-refid-updates (Net… Steven Sommars
- Re: [Ntp] WGLC: draft-ietf-ntp-refid-updates (Net… Harlan Stenn
- Re: [Ntp] WGLC: draft-ietf-ntp-refid-updates (Net… Miroslav Lichvar