Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp
"Langer, Martin" <mart.langer@ostfalia.de> Mon, 08 March 2021 11:09 UTC
Return-Path: <mart.langer@ostfalia.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 267033A0A0B for <ntp@ietfa.amsl.com>; Mon, 8 Mar 2021 03:09:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 36gRQmd4O95U for <ntp@ietfa.amsl.com>; Mon, 8 Mar 2021 03:09:52 -0800 (PST)
Received: from mx1.sonia.de (mx1.sonia.de [141.41.1.237]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 390703A09E0 for <ntp@ietf.org>; Mon, 8 Mar 2021 03:09:51 -0800 (PST)
Received: from mx1.sonia.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id ADFDE1C800CD for <ntp@ietf.org>; Mon, 8 Mar 2021 12:09:49 +0100 (CET)
Received: from exchange04.resource.sonia.de (exchange04.resource.sonia.de [141.41.8.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.sonia.de (Postfix) with ESMTPS id A964A1C800CA for <ntp@ietf.org>; Mon, 8 Mar 2021 12:09:49 +0100 (CET)
From: "Langer, Martin" <mart.langer@ostfalia.de>
To: NTP WG <ntp@ietf.org>
Thread-Topic: [Ntp] Comments on draft-langer-ntp-nts-for-ptp
Thread-Index: AQHXEfmMSKND+BsUuke89/+0bAqpHap52TGAgAAU3aM=
Date: Mon, 08 Mar 2021 11:09:49 +0000
Message-ID: <02fd071141eb4b6ea94a8245af2d75f8@ostfalia.de>
References: <CACsn0cnz1GfKUKn6q61qmAbs=VPgTGFZnP=kEeQHk9CUxLACXg@mail.gmail.com>, <YEX+RYP1vXLgt5f8@localhost>
In-Reply-To: <YEX+RYP1vXLgt5f8@localhost>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [141.41.8.54]
Content-Type: multipart/alternative; boundary="_000_02fd071141eb4b6ea94a8245af2d75f8ostfaliade_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/zrQaP6TGURR_ClRT5wDdkdEQKQI>
Subject: Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Mar 2021 11:09:55 -0000
Hi all, orginal text: There might be a more general question that needs to be answered first. What exactly it means for "NTS" to be applied to a time synchronization protocol? IIRC we originally had a general NTS draft and a separate NTS-for-NTP draft. PTP, like the NTP broadcast mode, cannot be secured to the same extent as the NTP client-server mode. We had some attempts and they failed. If I understand it correctly, this draft is not trying to apply the NTS-NTP principles to PTP. That's not possible. It just reuses the NTS-KE protocol for its own security protocol. I think that's perfectly fine as long as there is no confusion about the NTS part. -- Miroslav Lichvar Hello Miroslav, The generic NTS draft has expired and was not continued. The multicast connections are not comparable to the broadcast connections in NTP. In NTP, TESLA-secured communication could be broken, because delay attacks are not detectable. However, in PTP we have two-way communication (Delay Request/Response) during multicast, which can be used to register runtime changes (RTT). However, a formal analysis is indeed not available. Our NTS4PTP design is still in the early phase. In my opinion, it is already fully functional, but it could still have various design weaknesses. Of course they have to be eliminated ;) best regards, martin ------------------- Martin Langer, M.Eng. Ostfalia Hochschule für angewandte Wissenschaften - Hochschule Braunschweig/Wolfenbüttel University of Applied Sciences Labor Datentechnik, Labor Design Digitaler Systeme Fakultät Elektrotechnik Salzdahlumer Straße 46/48 38302 Wolfenbüttel Germany Tel.: +49 5331 939 43370 Web: https://www.ostfalia.de/cms/de/pws/bermbach/mitarbeiter/martin-langer ________________________________ Von: ntp <ntp-bounces@ietf.org> im Auftrag von Miroslav Lichvar <mlichvar@redhat.com> Gesendet: Montag, 8. März 2021 11:36 An: Watson Ladd Cc: NTP WG Betreff: Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp On Fri, Mar 05, 2021 at 11:55:22AM -0800, Watson Ladd wrote: > I think this is an important draft that covers a real usecase, but > should try to break the flow of NTS a bit less. I hope these comments > are useful. There might be a more general question that needs to be answered first. What exactly it means for "NTS" to be applied to a time synchronization protocol? IIRC we originally had a general NTS draft and a separate NTS-for-NTP draft. PTP, like the NTP broadcast mode, cannot be secured to the same extent as the NTP client-server mode. We had some attempts and they failed. If I understand it correctly, this draft is not trying to apply the NTS-NTP principles to PTP. That's not possible. It just reuses the NTS-KE protocol for its own security protocol. I think that's perfectly fine as long as there is no confusion about the NTS part. -- Miroslav Lichvar _______________________________________________ ntp mailing list ntp@ietf.org https://www.ietf.org/mailman/listinfo/ntp
- [Ntp] Comments on draft-langer-ntp-nts-for-ptp Watson Ladd
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Langer, Martin
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Miroslav Lichvar
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Heiko Gerstung
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Langer, Martin
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Miroslav Lichvar
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Miroslav Lichvar
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Langer, Martin
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Langer, Martin
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Hal Murray
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Dieter Sibold
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Langer, Martin
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Heiko Gerstung
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Miroslav Lichvar
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Heiko Gerstung
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Miroslav Lichvar
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Heiko Gerstung
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Heiko Gerstung
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Doug Arnold
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Langer, Martin
- Re: [Ntp] Comments on draft-langer-ntp-nts-for-ptp Heiko Gerstung