Re: [Ntp] Comments on dratf-ietf-ntp-chronos-02

Neta R S <> Mon, 08 March 2021 21:23 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9DB0A3A17F1 for <>; Mon, 8 Mar 2021 13:23:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Oykc5lGG3fVK for <>; Mon, 8 Mar 2021 13:23:58 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4864:20::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C38163A16AA for <>; Mon, 8 Mar 2021 13:23:57 -0800 (PST)
Received: by with SMTP id p15so17933020ljc.13 for <>; Mon, 08 Mar 2021 13:23:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1WXzLN81rV3BNIVYr+kqGZUUCYFbPYEOK8NbqWZTnxU=; b=aacsOf0FRzDDnvI6p4++o2WUDNaLmNMr+QJmmnzFnGKwURuW9t5ZeefvI/hlbR+0Ib fnS7EYMwYfZ2xOtsP2Xm09E2dlCYmAJBMb0r70SwJWKiNRgU7qwg023yHrbSmjF3Nd9A U6uQ2oD8QwLzfbME4CU7e5tCxyzs9Cv73wwHFCOjUA7FVbYFGhN7cKQ6UuMrRdbah9BK 6SEs56fnyGknI0P7OMlYMzv5FTK4uuwA8AJ2rLhETio5LHm55Q8FXGegQzCQ1q5/ulRH gtyy3AO1vfG5bQVUoQHdsF+wo7iD8x6bgOZ6gqawJsU4qc1zZnP6L7flp1aJp/j6qBRX En0A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1WXzLN81rV3BNIVYr+kqGZUUCYFbPYEOK8NbqWZTnxU=; b=I4xPY23Rwpg9j5eFR3A+Qjt15FEx9u2B8KeY+nqcgZpTpaIIaSwZc03uyYVhE8hcqr E3Xj20nNv6h+Tp5fXsnOqxcHCGMIXyS+rCGP0RjuNc9xWZKwyUVnvE3C2B+CZYQXTWn8 5/O/CvXnB4Y6PVR8CesRYlikcKUx/hlWClYCaON4kU8SvETbhL30QuYNc4NFPApzJaMe dxgnLPM6caX3Ykc7ncbOVni26sFaSLaeY0ddqSHWkPhc1Y/po6q4YM1TZhb+bJGqqBG5 jT9hvLd3S8tZHC8vyK2RM0HvqKM/FRzvO96mYfvpbJufKeD0A588//KTLGa0VPSDkTcj 6IaA==
X-Gm-Message-State: AOAM533yOOECSOPV2Xsar889/VBeoSmRCyxon6o2n9Hz6Nw12Ef2yptR uyOO8sm6tHm+WZ/Dn68c9zmDFO2lkej8gxDRHt8=
X-Google-Smtp-Source: ABdhPJyGwuqEWprfLebSO+x4gwVGOAI7aX6kbEsej3G64MRO4BiMotBokPYkg20SWChRquOJCqxW+WsC8VOCYqOMITI=
X-Received: by 2002:a2e:9f54:: with SMTP id v20mr15129668ljk.261.1615238634186; Mon, 08 Mar 2021 13:23:54 -0800 (PST)
MIME-Version: 1.0
References: <>
In-Reply-To: <>
From: Neta R S <>
Date: Mon, 8 Mar 2021 23:23:41 +0200
Message-ID: <>
To: Watson Ladd <>
Cc: NTP WG <>
Content-Type: multipart/alternative; boundary="00000000000004ac2b05bd0d0d50"
Archived-At: <>
Subject: Re: [Ntp] Comments on dratf-ietf-ntp-chronos-02
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 08 Mar 2021 21:24:00 -0000

Dear Watson,

Thank you for your feedback.
Please see my comments inline.

Best regards,

On Fri, Mar 5, 2021 at 10:12 PM Watson Ladd <> wrote:

> Dear NTP WG,
> One minor editorial comment: would be nice to include the recommended
> parameters in the table for ease of readers. I had to go searching to
> see them.
Thanks, I will include the default parameters in the table in the next

> This draft seems to imply that the pool is being used. Otherwise the
> requerying doesn't produce more servers. Reachability and increased
> load on a volunteer shared resource are questions that need to be
> addressed. We're happy to handle every device on the internet if it's
> well behaved, but most parties in the pool cannot. Gathering can be a
> passive DNS based approach, but this runs into potential caching
> issues.
We found that when a client requery the pool once an hour for 24 hours,
hundreds of servers are received.
However, to avoid overloading time servers, we suggest that Chronos will be
used as NTP watchdog with lower frequency compared to NTPv4.

> I also take issue with the assertion that chronos addresses network
> adversaries. Nothing prevents a network adversary from controlling all
> packets with dst=123 and shifting the time except authentication.
> Chronos only solves byzantine attackers, which authentication of
> trusted time servers also does. That's not to say it isn't useful, but
> I think the claims are too broad.
You refer to an attacker that can act as a man in the middle between a
client and any time server.
This is considered as an extremely strong attacker with respect to the
specific client, which we do not consider in this work.
An attacker with  such proximity and control on the client traffic can
probably use more efficient ways to attack it than time shifting.
Nevertheless, we think of authentication as an orthogonal effort for
improving NTP security.

> Sincerely,
> Watson Ladd
> --
> Astra mortemque praestare gradatim
> _______________________________________________
> ntp mailing list