NTP/TICTOC interim meeting
9 June 2016, noon EDT
Samuel Weiler as scribe

Kristof reported on NTS design team progress. The design team is focusing on item #1 from:
https://trac.tools.ietf.org/wg/ntp/trac/wiki/NtsWglcDesignTeam

A snapshot of that wiki page is attached at the end of these minutes as well as in a separate PDF, and a snapshot of the long-form design team agenda is attached as a PDF.

They've boiled the choices down to modifying NTS to handle fragmentation or running over DTLS. Limited/no progress on other items, but hoping progress on #1 will help with other items. If the DTLS approach works out, he's confident that other decisions will be made before Berlin. If the DTLS approach does not work out and we need a custom key exchange, then this estimate does not hold.

Sharon concurred with this summary.

Richard Welty reports that the original key exchange is coded. ... expects his documents to be done by this time next week.

Kristof reports that Martin's implementation is well along, but he is likely only implementing the old key exchange protocol and may not accommodate changes from the current design team effort.

--

Denis reports having posted a new BCP draft. He thanks Sharon for writing up a section on security best practices. He would still like a contribution on load balancing, but if he doesn't get that, he'll just edit for flow and request advancement by end of June. He'd like review.

Karen encouraged reaching out to Greg, who had previously offered load balancing text.

--

Miroslav believes that the fields in the current extensions RFC could be corrected with minor effort. But he thinks that Harlan is trying to do something beyond the intent of the original RFCs, and he's not sure how to resolve that.

Karen offered to take this up with Harlan, who was not on the call.

Holding off on other refid, etc. discussion on this call.

--

Karen reports: PTP enterprise profile went through WGLC with no substantial comments. Karen intends to send it to the IESG and for 1588 review. No comments raised on this call, either.

--

Karen reports on 1588 MIB and YANG model progress: MIB has gone to the IESG and still has outstanding editorial changes requested. Biggest question is how to deal with copyright between IETF and IEEE - that has been sent to the IESG-IEEE coordination committee. This will impact the YANG model doc also.

--

Timing over MPLS: Greg Mirsky: the MPLS WG would like comments on the residence time management document. Yakov and Sriram were going to work on updating the tictoc doc, now expired. Greg thinks their interest in finalizing this may be higher and another poke may be sufficient.

--

Miroslav asked re: IANA autokey field type - he had sent a query to the list. Karen had missed his email, but she'll look into how to get this fixed, working with Miroslav and Harlan.

Karen: is there agreement on what the assignments should be?
A: [scribe didn't understand]

--

Next interim meeting: Thursday 7 July.

Attendees:
Karen O'Donoghue
Samuel Weiler
Daniel Franke
Denis Reilley
Dieter Sibold
Greg Mirsky
Kristof Teichel
Miroslav
Richard Welty
Sharon Goldberg

----

Snapshot of design team wiki, including minutes to date:
https://trac.tools.ietf.org/wg/ntp/trac/wiki/NtsWglcDesignTeam

== Network Time Security WGLC Design Team Discussions ==

Link to the agenda document (everyone may comment, only Dieter and Kristof may edit at the moment):
https://docs.google.com/document/d/1CR5mFOP_WZ_FZDTf0IWsXLFOvhO4AXokZNvOb3PWI7E

=== Identified Agenda Items for the Design Team ===

 * Top Priority:
   1. IP fragmentation of certificate-carrying messages during key exchange
   2. Key exchange protocol: do fewer exchanges?
 * High Priority:
   3. Key exchange protocol: have fewer cryptographic operations?
   4. Key exchange protocol: what about two-way authentication?
   5. Discussion about Chicken-and-Egg Problem
   6. Improve Handling of Cipher Suites
 * Medium Priority:
   7. Improve Treatment of Peer Mode
   8. Symmetry of Message Sizes “time_request” and “time_response”
   9. Use of Initial (Unsecured) Timestamps
   10. Seed Refresh: Should this Be Mentioned
   11. Discussion about Different Security Approaches
   12. MAC-Algorithm instead of Hash (for HMAC) Algorithm

=== Meetings ===

First (teleconference) meeting likely on Monday, 25 April, 15:30 UTC; some form of minutes will be made available.

**April 25th (Monday)**
 * Platform: Adobe Connect. Severe connection issues for Kristof.
 * Attending: Danny, Dieter, Harlan, Karen, Kristof, Miroslav, Sharon.
 * Meeting Agenda:
   * Introductions & organizational issues (minute taking)
   * Discussion on correctness & completeness of the team agenda list in the document linked above
   * Discussion on priorities of items (especially "must have" vs. "nice to have")
   * //Optional//: Start of discussion on high-priority items
   * Set date for next meeting
 * Additional minutes:
   * Group: Declaring certificate exchange out of scope is a bad idea
   * Group: (D)TLS seems a promising option
   * Sharon: what is the design goal behind a custom key exchange (KE)?
   * Miroslav: solve fragmentation by limiting to one cert per exchange?
   * Karen: DTLS / IPsec people should be involved at some point

**May 2nd (Monday)**
 * Platform: Adobe Connect. Issue with connectivity between dial-in and PC connections.
 * Attending: Dieter, Harlan, Karen, Kristof, Miroslav, Sharon.
 * Meeting Agenda:
   * Organizational issues
     * Minute taking
     * Date for next meeting
   * Discussion for item "IP fragmentation" (~10-15 min. each):
     * List of requirements by Miroslav
     * Option "Self-management" (NTS splits extension field data)
     * Option "External channel" (TCP/(D)TLS/HTTPS/...)
   * Flesh out item "Two-way authentication" (~5 min.)
   * Discussion of item "Peer mode" (~5 min.)
   * General discussion
 * Additional minutes:
   * Next meeting same time following week. Karen agrees to provide a better meeting room.
   * Group: more discussion on DTLS
   * Sharon: should ask DTLS folks specifically. Agrees to contact someone.
   * Miroslav: what about peer mode (expected to be dealt with already)
   * Kristof: peer mode via old symmetric approach?
   * Group: discussion about merits/disadvantages of two-way authentication

**May 9th (Monday)**
 * Platform: WebEx (room supplied by Karen).
 * Attending: Dieter, Harlan, Kristof, Miroslav, Sharon
 * Minutes:
   * Group: More discussion on mutual authentication
   * Harlan: needed for peer mode and also mode 6 NTP packets
   * Group: perhaps specify two KE procedures, one which sticks to UDP 123 etc., another which is fast

**May 17th (Tuesday)**
 * Platform: WebEx (room supplied by Karen).
 * Attending: Harlan, Kristof, Miroslav

**Week of May 22nd**
-Meeting skipped-

**May 31st (Tuesday)**
 * Platform: WebEx (room supplied by Karen).
 * Attending: Danny, Dieter, Harlan, Karen, Kristof, Miroslav, Sharon
 * Meeting Agenda:
   * Changes by Dieter and Kristof (DTLS options)
 * Additional minutes:
   * Group: Discussion on unauthenticated timing data
   * Sharon: is in favor of "MUST NOT" language
   * Kristof: would like to treat this in section "NTS assumptions about initial timing quality"
   * Group: eliminated some options for the fragmentation issue
   * Upcoming meeting cancelled in favor of only the NTPWG call (Thursday, June 9th). After that, design team calls can be moved back to Mondays, 15:30 UTC