[Ntp] Antw: [EXT] Re: NTPv5 draft
Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> Tue, 01 December 2020 13:46 UTC
Return-Path: <Ulrich.Windl@rz.uni-regensburg.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62DEE3A0B35 for <ntp@ietfa.amsl.com>; Tue, 1 Dec 2020 05:46:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xzN5f0MgadNW for <ntp@ietfa.amsl.com>; Tue, 1 Dec 2020 05:46:22 -0800 (PST)
Received: from mx3.uni-regensburg.de (mx3.uni-regensburg.de [IPv6:2001:638:a05:137:165:0:4:4e79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0C383A122D for <ntp@ietf.org>; Tue, 1 Dec 2020 05:46:21 -0800 (PST)
Received: from mx3.uni-regensburg.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id F2EE06000051 for <ntp@ietf.org>; Tue, 1 Dec 2020 14:46:17 +0100 (CET)
Received: from gwsmtp.uni-regensburg.de (gwsmtp1.uni-regensburg.de [132.199.5.51]) by mx3.uni-regensburg.de (Postfix) with ESMTP id D5E036000050 for <ntp@ietf.org>; Tue, 1 Dec 2020 14:46:17 +0100 (CET)
Received: from uni-regensburg-smtp1-MTA by gwsmtp.uni-regensburg.de with Novell_GroupWise; Tue, 01 Dec 2020 14:46:18 +0100
Message-Id: <5FC64929020000A10003D354@gwsmtp.uni-regensburg.de>
X-Mailer: Novell GroupWise Internet Agent 18.3.0
Date: Tue, 01 Dec 2020 14:46:17 +0100
From: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>
To: Hal Murray <hmurray@megapathdsl.net>, mlichvar@redhat.com
Cc: "ntp@ietf.org" <ntp@ietf.org>
References: <98393E6F020000F36A6A8CFC@gwsmtp.uni-regensburg.de> <D735E3B202000007824A10E1@gwsmtp.uni-regensburg.de> <592F4A44020000686A6A8CFC@gwsmtp.uni-regensburg.de> <046582A00200007A824A10E1@gwsmtp.uni-regensburg.de> <6128125E0200006F6A6A8CFC@gwsmtp.uni-regensburg.de> <04765BC50200005343047E14@gwsmtp.uni-regensburg.de>
In-Reply-To: <04765BC50200005343047E14@gwsmtp.uni-regensburg.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/tgrQV7I905D3ERHX1trmgMLL-CU>
Subject: [Ntp] Antw: [EXT] Re: NTPv5 draft
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2020 13:46:25 -0000
>>> Hal Murray <hmurray@megapathdsl.net> schrieb am 01.12.2020 um 11:40 in Nachricht <20201201104040.3691640605C@ip-64-139-1-69.sjc.megapath.net>: > mlichvar@redhat.com said: >> Ok, so if the draft said something like "NTP clients SHOULD use >> authentication", would that work for you? Ultimately, it would be up to the >> client's default configuration whether authentication is enabled or not. > > That doesn't sound right to me. > > You can't say SHOULD for something that is hard to implement. In > particular, > authentication doesn't work with the pool. For that SHOULD to make sense, > we > either have to add authentication to the pool or we have to put the pool out > > of business. Authentication as it is now with autokey being dead. Symmetric keys won't work for pools, but asymmetric would. > > You can say something like "implementations SHOULD support authentication". > > It probably takes a paragraph to explain what that means and why we think it > > is a good idea. But in reality, the basic protocol is so simple that people > > will throw together their own implementation, probably by reading stuff from > > the web rather than the actual RFC. > > I think there is a chicken‑egg problem. Yesterday, authentication was hard > to > setup. With NTS, it should be easy to setup the client side. Now we have > to > get some public servers that support NTS. We need lots of them, not just a > few. > > As a starter, it would be nice if ISPs ran authenticated servers for their > clients. Cloud farms too. > > > > ‑‑ > These are my opinions. I hate spam. > > > > _______________________________________________ > ntp mailing list > ntp@ietf.org > https://www.ietf.org/mailman/listinfo/ntp
- [Ntp] Antw: [EXT] Re: NTPv5 draft Ulrich Windl