Re: [saag] [homenet] write up of time without clocks
Michael Richardson <mcr+ietf@sandelman.ca> Mon, 31 October 2016 19:13 UTC
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: homenet@ietf.org, saag@ietf.org
Date: Mon, 31 Oct 2016 15:12:59 -0400
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/CmL0lRl88fYuycQ85gGRdylDPAk>

mcr> Hi, I know that we talked a lot (especially Dave Taht) about how CPE
mcr> devices without RTCs could verify certificates and DNSSEC when they
mcr> don't know the time, and they won't know the time until they securely
mcr> find an NTP server.

mcr> But, we talked about how this wasn't a total catch-22, that we could
mcr> know how it was "at least" some time based upon file timestamp, or
mcr> self-certificate not-before dates, or do DNSSEC without time validation
mcr> first.

mcr> My question is: did this get captured into a document somewhere?

Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote privately to inform me about
https://roughtime.googlesource.com/roughtime.

So, this is a network protocol to essentially crowd-surf the correct time
via signed replies of nonces. It has a way to generate enough signatures
fast enough to not get DDoSed on a 10G link. I'm not sure how the client
trusts the RoughTime servers' certificates, or if that matters given the
distributed nature of things (TOFU would work).

I'm not looking for a network protocol, because the devices I care about do
not (yet) have network! I'm looking for the write-up of a heuristic that says
that if you have local information that time was once verified to be at X,
that it must be at least >X.

====

aside:

Interesting in the protocol, it says:

    Since we require that requests be padded to 1KB to avoid becoming a DDoS
    amplifier, a 10Gbps network link could only deliver 1.2 million requests
    per second anyway.

I've been thinking that this might be the only way to deal with (UDP) DDoS
with potentially forgeable source addresses: insist that the sender's packet
is always at least as big as the reply they want.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-
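
The "at least X" heuristic asked about in the message above, sketched as an added example; it is not part of the original message and not taken from Roughtime or any IETF document. The `Evidence` record, its `trusted` flag, the source labels and the sample dates are assumptions of this example.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum


class Verdict(Enum):
    EXPIRED = "expired"      # notAfter is provably in the past: safe to reject
    UNPROVEN = "unproven"    # notBefore is later than anything we can prove
    PLAUSIBLE = "plausible"  # floor is inside the window; re-check once synced


@dataclass(frozen=True)
class Evidence:
    source: str      # where the timestamp came from (hypothetical labels)
    when: datetime   # a moment claimed to have already happened
    trusted: bool    # assumption: True only if verified or in signed firmware


def time_floor(evidence):
    """Return the latest trusted item: the real time is at or after it."""
    trusted = [e for e in evidence if e.trusted]
    if not trusted:
        raise ValueError("no trusted evidence; cannot bound the time")
    return max(trusted, key=lambda e: e.when)


def check_validity(not_before, not_after, floor):
    """Classify a certificate or RRSIG validity window against the floor."""
    if not_after < floor:
        return Verdict.EXPIRED
    if not_before > floor:
        return Verdict.UNPROVEN
    return Verdict.PLAUSIBLE


def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)


# Constructed sample evidence for a device booting without an RTC.
SAMPLE = [
    Evidence("firmware build stamp", utc(2016, 3, 1), True),
    Evidence("own certificate notBefore", utc(2016, 6, 15), True),
    Evidence("last NTP-verified time saved to flash", utc(2016, 10, 20), True),
    # Written while the clock was unsynchronised, so it must not raise the floor.
    Evidence("mtime of a log file", utc(2031, 1, 1), False),
]
```

Only the `EXPIRED` verdict is conclusive: a lower bound can prove a window has closed, but it cannot prove a window is still open, and one wrong future timestamp accepted as trusted would make every currently valid certificate look expired.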