Re: [TLS] No more GMT exposure in the handshake

Kurt Roeckx <kurt@roeckx.be> Sun, 08 June 2014 16:21 UTC

Return-Path: <kurt@roeckx.be>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C1791A018C for <tls@ietfa.amsl.com>; Sun, 8 Jun 2014 09:21:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0wzjKhmcXhpE for <tls@ietfa.amsl.com>; Sun, 8 Jun 2014 09:21:43 -0700 (PDT)
Received: from defiant.e-webshops.eu (defiant.e-webshops.eu [82.146.122.140]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 927731A0089 for <tls@ietf.org>; Sun, 8 Jun 2014 09:21:43 -0700 (PDT)
Received: from intrepid.roeckx.be (localhost [127.0.0.1]) by defiant.e-webshops.eu (Postfix) with ESMTP id 3EA141C219E for <tls@ietf.org>; Sun, 8 Jun 2014 18:21:41 +0200 (CEST)
Received: by intrepid.roeckx.be (Postfix, from userid 1000) id 2353C1FE00EC; Sun, 8 Jun 2014 18:21:41 +0200 (CEST)
Date: Sun, 8 Jun 2014 18:21:41 +0200
From: Kurt Roeckx <kurt@roeckx.be>
To: tls@ietf.org
Message-ID: <20140608162140.GA15151@roeckx.be>
References: <CACsn0cm69oJX_Bxqerig4qBmSf1fcQWW5EG42jia3qJkTwe0Tw@mail.gmail.com> <53934B47.4090603@fifthhorseman.net> <CAFggDF0rn+xuFksKW0+xJMAxRkjb8y6=7qiEQcM200iwtzy-0Q@mail.gmail.com> <20140608101721.GA6189@roeckx.be> <CAFggDF3T33sUmEvcX643nZ6_cdXVUdmv0shrvYxn80sG3vJDRQ@mail.gmail.com> <20140608153936.GF27883@mournblade.imrryr.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20140608153936.GF27883@mournblade.imrryr.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/yt9NRycSBitWMdmCL5B8H_l6O0w
Subject: Re: [TLS] No more GMT exposure in the handshake
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Jun 2014 16:21:45 -0000

On Sun, Jun 08, 2014 at 03:39:36PM +0000, Viktor Dukhovni wrote:
> > In any case, having 64bits of timing information from a server would
> > allow for a parasitic network time protocol that is as accurate as NTP
> > to be built on top of TLS. I haven't checked but I believe Google
> > still uses this to set clocks on ChromeOS.
> 
> "As accurate as NTP" is a bold claim.  NTP "accuracy" (as opposed
> to precision which is a different beast entirely) comes from using
> multiple sourcs a PLL to estimate round-trip delay and smooth out
> noise, and when possible multiple sources, ...
> 
> NTP runs over UDP which is less likely to be delayed, re-transmitted, ...
> 
> Attaining NTP "accuracy" over TLS, seems rather implausible.

I think even getting it's precision will be hard.

But I wonder what kind of accuracy do you really want?  I think
getting an accuracy smaller than 1 second shouldn't be that hard,
but ntpd is only claiming an accuracy in the order of 0.1 seconds
in most cases and if you're lucky you get an estimated one in the
order of 1 ms.  But do most people care about 1 second?  Or even
10 seconds?  And if you do care about the accuracy, why don't you
run ntp?


Kurt