IETF Logo Mail Archive

[secdir] draft-ietf-ntp-over-ptp-06 ietf last call Secdir review

Daniel Migault via Datatracker <noreply@ietf.org> Wed, 01 October 2025 23:38 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@mail2.ietf.org
Received: from [10.244.8.182] (unknown [4.156.85.76]) by mail2.ietf.org (Postfix) with ESMTP id EE3296C23D34; Wed, 1 Oct 2025 16:38:48 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Daniel Migault via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.50.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <175936192864.2781230.8021649083784671528@dt-datatracker-6c6cdf7f94-h6rnn>
Date: Wed, 01 Oct 2025 16:38:48 -0700
Message-ID-Hash: BSX2KUNSLK3BEJHKZHP7W2KICH5NE3BY
X-Message-ID-Hash: BSX2KUNSLK3BEJHKZHP7W2KICH5NE3BY
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-ntp-over-ptp.all@ietf.org, last-call@ietf.org, ntp@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: Daniel Migault <daniel.migault@ericsson.com>
Subject: [secdir] draft-ietf-ntp-over-ptp-06 ietf last call Secdir review
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/BsrCCw2Izv4OULRWDcY2_tUU4H8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>

Document: draft-ietf-ntp-over-ptp
Title: NTP Over PTP
Reviewer: Daniel Migault
Review result: Has Nits

Hi,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

The final paragraph of the introduction contains some minor issues.

In the security considerations, I understand that PTP correction cannot be
authenticated. If I am not mistaken, I believe that such authentication would
necessitate the PTP layer to be authenticated. I suspect that the PTP protocol
has an extension, and that DTLS, IPsec, or MACsec could also be utilized. While
in some instances this might contradict the original purpose of benefiting from
a hardware implementation of PTP, in other scenarios, such as the O-RAN
fronthaul, MACsec is currently proposed to secure Ethernet packets that
encapsulate PTP over eCPRI. For the IP fronthaul, MACsec, IPsec, and DTLS
remain potential candidates.

Naturally, authentication does not mitigate attacks based on delayed packets. I
have the impression that PTP recommends different paths.

Port randomization appears to be more of a privacy-related concern. However, I
have the impression that a single value is being utilized by every client. If
this is accurate, then the port does not facilitate session tracking.
Conversely, the two drawbacks are that using predictable ports may simplify
spoofing attacks even from outside the network. Furthermore, if port
randomization cannot be implemented system-wide due to PTP, it may not be
activated; however, I believe that the issue pertains to other applications
(not PTP). If this is correct, it seems to me that the draft should clarify
that the systems affected are those for which port randomization cannot be
activated or disabled on a service basis.

If the comment below were accurate, I believe that these could be reflected in
the security considerations section.

Yours,
Daniel

v2.35.0 | Report a Bug | By Email | System Status