Re: [Ntp] WGLC: draft-ietf-ntp-using-nts-for-ntp
Martin Langer <mart.langer@ostfalia.de> Wed, 12 December 2018 07:38 UTC
To: Dieter Sibold <dsibold.ietf@gmail.com>
Cc: ntp@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/yd2z1pi43xER6QIQ0ba7XKaAAlE>
Hello Dieter,

thanks for your reply. You are right. I already talked to Kristof about the TLS1.2 / 1.3 question and I agree to provide both versions.

best regards,
Martin

On 11.12.2018 at 19:40, Dieter Sibold wrote:
>
> Hi Martin,
> thanks for your comments. See replies inline.
>
> Dieter Sibold
> dsibold.ietf@gmail.com
>
> On 4 Dec 2018, at 10:52, Martin Langer wrote:
>
>> Hello together,
>>
>> the current NTS draft is fine for me and I have just a few comments.
>>
>>
>> page 7:
>>
>> "Implementations MUST NOT negotiate TLS versions earlier than 1.2,
>> SHOULD negotiate TLS 1.3 [RFC8446] or later when possible, and MAY
>> refuse to negotiate any TLS version which has been superseded by a
>> later supported version."
>>
>> -> I guess the minimum TLS version MUST be 1.3. The effort for
>> developers should be very small.
>> In OpenSSL, I only need one extra line of code to force TLS1.3 and
>> disable TLS1.2. Many implementations support the final TLS1.3 (RFC)
>> or the latest TLS draft (see:
>> https://github.com/tlswg/tls13-spec/wiki/Implementations).
>> The remaining platforms will probably follow soon. Therefore, I see
>> no further need to support older TLS versions than 1.3.
>>
> As authors we had a discussion on this matter. And we decided that the
> language as it is provides the most flexibility for implementors. It
> allows providing TLS 1.2 and 1.3 but it does not mandate providing
> 1.2 or 1.3. It only mandates that at least one of these versions has to
> be provided.
>
>>
>> page 8:
>>
>> "The semantics of record types 0-6 are specified in this memo."
>>
>> -> must be '0-7'
>>
>>
>> page 15:
>>
>> "Nonce length: Two octets in network byte order, ..."
>>
>> -> must be 'Nonce Length:'
>>
>>
>> page 16:
>>
>> "Additional Padding: Clients which use a nonce length shorter than
>> the maximum allowed by the negotiated AEAD algorithm may be
>> required to include additional zero-padding. The necessary length
>> of this field is specified below."
>>
>> -> This confused me the first time. I thought it was a mistake and
>> meant 'minimum'.
>> 'maximum' is right, but should we leave this information here?
>>
>> Alternative form:
>> "Additional Padding: The nonce length used by the client maybe required
>> to include additional zero-padding depending on the negotiated AEAD
>> algorithm."
>>
>>
>> page 17:
>>
>> "The purpose of the Additional Padding field is to ensure that servers
>> can always choose a nonce whose length is adequate to ensure its
>> uniqueness, even if the client chooses a shorter one, and still
>> ensure that the overall length of the server’s response packet. does
>> not exceed the length of the request."
>>
>> -> in the penultimate line is a dot
>>
>>
>> page 19:
>>
>> -> The timelines are different in length. (the client line needs one
>> more '-')
>>
>>
>> page 27:
>>
>> "The Network Time Security Warning Codes Registry SHALL initally be
>> empty except for the reserved range, i.e.:"
>>
>> -> typo: 'initially'
>>
>>
>> best regards,
>> Martin
>>
>>
>> On 06.11.2018 at 21:46, Karen O'Donoghue wrote:
>>> Folks,
>>>
>>> This message initiates a three plus week working group last call for:
>>>
>>> Network Time Security for the Network Time Protocol
>>> https://datatracker.ietf.org/doc/draft-ietf-ntp-using-nts-for-ntp/
>>>
>>> Please review the referenced document and send any comments to the
>>> mailing list including your assessment of whether this document is
>>> mature enough to proceed to the IESG. Please note that these
>>> messages of support for progression to the mailing list will be used
>>> to determine WG consensus to proceed.
>>>
>>> Please send all comments in by COB on Friday 30 November. We realize
>>> this is a bit longer than normal but we are coming out of an IETF
>>> week and heading into the Thanksgiving holiday in the US.
>>>
>>> Thanks!
>>> Karen and Dieter

--
Martin Langer, M.Eng.
Ostfalia Hochschule für angewandte Wissenschaften
- Hochschule Braunschweig/Wolfenbüttel
University of Applied Sciences

Labor Datentechnik, Labor Design Digitaler Systeme
Fakultät Elektrotechnik
Salzdahlumer Straße 46/48
38302 Wolfenbüttel
Germany

Tel. : +49 5331 939 43370
Web : https://www.ostfalia.de/cms/de/pws/bermbach/mitarbeiter/martin-langer
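Added example, not part of the message above and not code from the draft or its authors: the two TLS version policies discussed in the thread (a TLS 1.2 floor with TLS 1.3 preferred, versus TLS 1.3 only), expressed as client configuration with Python's `ssl` module, which wraps OpenSSL. The function names, the `refuse_superseded` flag and the use of the ALPN ID `ntske/1` are assumptions of this example.

```python
import ssl

# Assumption: "ntske/1" is the ALPN protocol ID for NTS key establishment;
# it is not mentioned in the message above.
NTSKE_ALPN = "ntske/1"

# Version strings as returned by SSLSocket.version(), ranked for comparison.
_RANK = {"TLSv1.2": 2, "TLSv1.3": 3}


def nts_ke_client_context(refuse_superseded=False):
    """Build a client context that follows the quoted draft sentence.

    refuse_superseded=False: never below TLS 1.2; TLS 1.3 is negotiated
    whenever both peers offer it, since TLS picks the highest common version.
    refuse_superseded=True: TLS 1.3 only (the "MAY refuse" option).
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # cert and hostname checks on
    ctx.load_default_certs()
    ctx.set_alpn_protocols([NTSKE_ALPN])
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if refuse_superseded:
        if not ssl.HAS_TLSv1_3:
            raise RuntimeError("local TLS library has no TLS 1.3 support")
        ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    return ctx


def negotiated_version_ok(version, refuse_superseded=False):
    """Re-check the result of SSLSocket.version() after the handshake.

    Unknown strings and None (no handshake) rank 0, so they fail closed.
    """
    floor = "TLSv1.3" if refuse_superseded else "TLSv1.2"
    return _RANK.get(version, 0) >= _RANK[floor]


if __name__ == "__main__":
    ctx = nts_ke_client_context()
    print("floor:", ctx.minimum_version.name)
    for seen in ("TLSv1.1", "TLSv1.2", "TLSv1.3"):
        print(seen, negotiated_version_ok(seen),
              negotiated_version_ok(seen, refuse_superseded=True))
```
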