[saag] Author promotion of draft-ietf-ntp-roughtime-01
Watson Ladd <watsonbladd@gmail.com> Tue, 11 August 2020 22:42 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FCC23A0D6D for <saag@ietfa.amsl.com>; Tue, 11 Aug 2020 15:42:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id unW9hp3Brdzf for <saag@ietfa.amsl.com>; Tue, 11 Aug 2020 15:42:08 -0700 (PDT)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 026873A0D66 for <saag@ietf.org>; Tue, 11 Aug 2020 15:42:07 -0700 (PDT)
Received: by mail-lj1-x236.google.com with SMTP id t6so76916ljk.9 for <saag@ietf.org>; Tue, 11 Aug 2020 15:42:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=Ilmjnxvi68jEfTI+NI/Hllgd/QZlVqRMj7xzMqufDyo=; b=SBMHGzDqABBzZMuKZMA7eMiIVvdA6uZgRSnzKE4beS4NvjCXh/O1sQO+8qpV3xbC5W dKcwmXnL608JmhM9/V3n+aWo81mMcl9JXFtXyE97Mq2JtAqCu/wzM7SUEq5heMe1k6Xd YBXx+QBezDoyBag6cqoewF1L9xYjRobYQczihyHS3sMA1nfJuBc4245XkO9ZsyqjUeBO MeJBWR+ji3mzTUx5MtlG0YyaA9gGJD4gjMQ2b1YrcvcdIwkatRyHjpVPv3vHdbhh6hAn 3kXPavwTeO2S047UAYByvzGh15WKIkSNMbn+1bXnIACunpUhB5ZRhYelr/6fGfzT1q1V JQAw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=Ilmjnxvi68jEfTI+NI/Hllgd/QZlVqRMj7xzMqufDyo=; b=FjaVX1VhIAc+ksf/+anCDXGiY4djD+4D8T43zCA/Ti8u5urWUhvqFIjcvWVmfh+aT0 h8wLVydJOa7wRJVmzYe8z7nlCh18a/HzhS47KatZfsD2bANPKsirkcOUkabJ+ZmVBS1F RUvp7sggVEPX/rnuGKDLbeY44yDh7QiAb6DVptE+EU3nZzNECrV5fparDE9IwsnPgVYs S0oQTx1krtM0K3KPMXGvvYOTD6RDZj9pj7cNTCe1k8CvsucoIlp1IncsRAQT9xveRT3p NWu8dlCnOUm/uHBNJCwc7QylFqYHRpXHgxg5yOVGO+7dcrizkFjc/jAqxxQoAY0ZldWe oX5g==
X-Gm-Message-State: AOAM532BwPKMXN9JrOWMhdHU6UipZ+NyWr99xJqAeNJBc9zaxOBd3Fgn AIsuRuNl6I5fm7reCgBmgN1Xi5w0v0fF9g1wCvuqF8cYiu8=
X-Google-Smtp-Source: ABdhPJwYkuJ6gzDQZeaoYt85bPIqHdnx5e7pDcwTtVj+GoouOX+A7FyKrSa/ea4v2iquX3E2d2lsphKvQqfh5EiDgvI=
X-Received: by 2002:a2e:86d6:: with SMTP id n22mr3688511ljj.440.1597185725725; Tue, 11 Aug 2020 15:42:05 -0700 (PDT)
MIME-Version: 1.0
From: Watson Ladd <watsonbladd@gmail.com>
Date: Tue, 11 Aug 2020 18:41:54 -0400
Message-ID: <CACsn0cn02Oo5C4k5aB5QJtXQN5gNpCLedPTkv6_hZNyn2Y46Uw@mail.gmail.com>
To: IETF SAAG <saag@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/Zc3hjaSbeBXtIhfUFtfuCDwy5Yg>
Subject: [saag] Author promotion of draft-ietf-ntp-roughtime-01
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2020 22:42:10 -0000
Dear SAAG members, I'd like to elaborate on Karen's notes on draft-ietf-ntp-roughtime-01, and explain why members of this group might be interested in it. Roughtime is certificate transparency for time. A roughtime server signs its responses and places them in an linear hash structure permitting incorrect answers to be found and exposed. The security of this mechanism depends on having a broader ecosystem of applications use roughtime. Any application involving approximate global time synchronization for security can make use of roughtime. Applications to X509 certificate, Kerberos, etc. are clear. Consensus mechanisms such as the Tor Directory Service are also interested in making use of it. I'm sure there are many more potential applications readers of this mailing list may think of. If this sounds interesting i'm happy to discuss it further on the NTP WG mailing list or privately. Or here, if it is too off-target. Sincerely, Watson Ladd