Re: [ntpwg] Parsing NTP packets regarding MACs and EXTs.
Daniel Franke <dfoxfranke@gmail.com> Wed, 22 June 2016 14:46 UTC

On 6/21/16, I <dfoxfranke@gmail.com> wrote:
> If the packet is 48 bytes, it has no extensions and no MAC.
> If the packet is between 49 and 67 bytes inclusive, it's malformed; discard
> it.
> If the packet is 68 bytes, it has a legacy MAC and no extensions.
> If the packet is more than 68 bytes, the last 20 bytes are the keyid
> and MAC, the first 48 bytes are the standard fields, and everything in
> between is extension fields. If the keyid field is 0, then the MAC
> field is ignored, and these last 20 bytes are basically just filler to
> make the packet parse correctly.

I was just going through WG documents and saw that we already opined
on this issue last March with RFC7822. It's consistent with what I've
suggested so far, except that it allows extension fields without a MAC
as long as the final extension field is at least 28 bytes long. I
think this is too clever by half and I wish I'd been paying attention
before it was ratified so that I could have objected. Oh well, too
late now and no big deal.
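
The length-based rule quoted in the message above, written out as a C classifier. This is an added example, not part of the original post and not code from any NTP implementation; it covers the quoted rule only, not the MAC-less extension case the message attributes to RFC7822. Assumptions: all names are constructed, packets shorter than 48 bytes are rejected, and the extension region is walked using the RFC 5905 16-bit type / 16-bit length field header, which goes one step beyond what the message states.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed names; the sizes are the ones quoted in the message. */
enum { NTP_HDR = 48, NTP_TRAILER = 20 };  /* trailer: 4-byte keyid + 16-byte MAC */
typedef enum { NTP_MALFORMED, NTP_PLAIN, NTP_LEGACY_MAC, NTP_EXT_MAC } ntp_kind;
typedef struct {
    ntp_kind kind;
    size_t   ext_len;    /* bytes of extension fields between header and trailer */
    size_t   ext_count;  /* extension fields walked inside that region */
    uint32_t keyid;      /* read from the trailer when one is present */
    int      mac_used;   /* 0 when keyid == 0: the trailer is only filler */
} ntp_layout;

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Classify a datagram by its length, following the quoted rule. */
ntp_layout ntp_classify(const uint8_t *pkt, size_t len) {
    ntp_layout out = { NTP_MALFORMED, 0, 0, 0, 0 };
    if (len == NTP_HDR) { out.kind = NTP_PLAIN; return out; }
    /* 49..67 is malformed per the message; < 48 is rejected as an assumption. */
    if (len < NTP_HDR + NTP_TRAILER) return out;
    out.keyid = be32(pkt + len - NTP_TRAILER);
    out.mac_used = out.keyid != 0;
    if (len == NTP_HDR + NTP_TRAILER) { out.kind = NTP_LEGACY_MAC; return out; }
    /* Everything between header and trailer is extension fields. Assumption:
       each field's length counts its 4-byte header and is a multiple of 4. */
    size_t off = NTP_HDR, end = len - NTP_TRAILER;
    while (off < end) {
        if (end - off < 4) return out;            /* no room for a field header */
        size_t flen = ((size_t)pkt[off + 2] << 8) | pkt[off + 3];
        if (flen < 4 || flen % 4 != 0 || flen > end - off) return out;
        off += flen;
        out.ext_count++;
    }
    out.kind = NTP_EXT_MAC;
    out.ext_len = end - NTP_HDR;
    return out;
}

int main(void) {
    uint8_t pkt[84] = {0};  /* constructed: header + one 16-byte extension + trailer */
    pkt[51] = 16;           /* extension length field, low byte */
    ntp_layout l = ntp_classify(pkt, sizeof pkt);
    printf("kind=%d ext_len=%zu fields=%zu keyid=%u mac_used=%d\n",
           (int)l.kind, l.ext_len, l.ext_count, (unsigned)l.keyid, l.mac_used);
}
```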