[Ntp] Antwort: Re: The trick to timestamp with authentication
kristof.teichel@ptb.de Mon, 07 December 2020 13:25 UTC
Return-Path: <kristof.teichel@ptb.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A5B303A1399 for <ntp@ietfa.amsl.com>; Mon, 7 Dec 2020 05:25:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.42
X-Spam-Level:
X-Spam-Status: No, score=-1.42 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.377, HTML_NONELEMENT_30_40=0.001, MIME_HTML_ONLY=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4GDHWLUY274b for <ntp@ietfa.amsl.com>; Mon, 7 Dec 2020 05:25:16 -0800 (PST)
Received: from mx1.bs.ptb.de (mx1.bs.ptb.de [192.53.103.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C7413A1390 for <ntp@ietf.org>; Mon, 7 Dec 2020 05:25:15 -0800 (PST)
Received: from smtp-hub.bs.ptb.de (smtpint01.bs.ptb.de [141.25.87.32]) by mx1.bs.ptb.de with ESMTP id 0B7DPDte005976-0B7DPDtg005976 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Mon, 7 Dec 2020 14:25:13 +0100
Received: from lotus.bs.ptb.de (lotus.bs.ptb.de [141.25.85.200]) by smtp-hub.bs.ptb.de (Postfix) with ESMTPS id 3C0BAA6EBB1; Mon, 7 Dec 2020 14:25:13 +0100 (CET)
X-Disclaimed: 1
MIME-Version: 1.0
Sensitivity:
Importance: Normal
X-Priority: 3 (Normal)
In-Reply-To: <20201207105406.GF2352378@localhost>
References: <20201207105406.GF2352378@localhost>, <doug.arnold@meinberg-usa.com> <BEF7C4D9-81CD-42AD-BA06-433D45C0DCD1@meinberg-usa.com> <20201203233634.15F7940605C@ip-64-139-1-69.sjc.megapath.net> <12C6B0FF-8C20-4363-AF41-FDF98B2D8072@meinberg-usa.com>
From: kristof.teichel@ptb.de
To: Miroslav Lichvar <mlichvar@redhat.com>
Cc: ntp@ietf.org
Message-ID: <OF24F50CB5.1E226959-ONC1258637.0049B781-C1258637.0049B784@ptb.de>
Date: Mon, 07 Dec 2020 14:25:11 +0100
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/wtRxdujAFnipy98LfRUBkyTHR2U>
Subject: [Ntp] Antwort: Re: The trick to timestamp with authentication
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Dec 2020 13:25:19 -0000
-----"ntp" <ntp-bounces@ietf.org> schrieb: -----
Von: "Miroslav Lichvar"
Gesendet von: "ntp"
Datum: 07.12.2020 11:54
Betreff: Re: [Ntp] The trick to timestamp with authentication
> The ntp working group could decide ntpv5 can support on path corrections or security, but not both. However, I suspect a lot of people would be disappointed.
Please don't forget that MITM attackers can delay packets and cause
larger errors in NTP measurements than unauthenticated corrections.
Not allowing switches to make unauthenticated corrections in
authenticated packets will not improve security.
--
Miroslav Lichvar
_______________________________________________
ntp mailing list
ntp@ietf.org
https://www.ietf.org/mailman/listinfo/ntp" rel="nofollow">https://www.ietf.org/mailman/listinfo/ntp
- [Ntp] The trick to timestamp with authentication Watson Ladd
- Re: [Ntp] The trick to timestamp with authenticat… Hal Murray
- Re: [Ntp] The trick to timestamp with authenticat… Doug Arnold
- Re: [Ntp] The trick to timestamp with authenticat… Hal Murray
- Re: [Ntp] The trick to timestamp with authenticat… Doug Arnold
- Re: [Ntp] The trick to timestamp with authenticat… James
- Re: [Ntp] The trick to timestamp with authenticat… Dieter Sibold
- Re: [Ntp] The trick to timestamp with authenticat… Miroslav Lichvar
- [Ntp] Antwort: Re: The trick to timestamp with au… kristof.teichel
- Re: [Ntp] Antwort: Re: The trick to timestamp wit… Miroslav Lichvar
- Re: [Ntp] Antwort: Re: The trick to timestamp wit… Dieter Sibold
- Re: [Ntp] Antwort: Re: The trick to timestamp wit… Philip Prindeville
- Re: [Ntp] Antwort: Re: The trick to timestamp wit… Watson Ladd