Skip to main content

NTP Interleaved Modes
draft-ietf-ntp-interleaved-modes-07

Revision differences

Document history

Date Rev. By Action
2024-01-26
07 Gunter Van de Velde Request closed, assignment withdrawn: Carlos Martínez Last Call OPSDIR review
2024-01-26
07 Gunter Van de Velde Closed request for Last Call review by OPSDIR with state 'Overtaken by Events': Cleaning up stale OPSDIR queue
2023-08-29
07 Paul Wouters [Ballot comment]
[no record]
2023-08-29
07 Paul Wouters Ballot comment text updated for Paul Wouters
2021-10-18
07 Miroslav Lichvar New version available: draft-ietf-ntp-interleaved-modes-07.txt
2021-10-18
07 (System) New version approved
2021-10-18
07 (System) Request for posting confirmation emailed to previous authors: Aanchal Malhotra , Miroslav Lichvar
2021-10-18
07 Miroslav Lichvar Uploaded new revision
2021-08-27
06 Catherine Meadows Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Catherine Meadows. Sent review to list.
2021-07-24
06 Karen O'Donoghue Added to session: IETF-111: ntp  Tue-1600
2021-07-15
06 Warren Kumari
[Ballot comment]
Updating my previous DISCUSS to ABSTAIN.

It still feels like the document is doing something "hacky" because implementations don't really deal with extensions. …
[Ballot comment]
Updating my previous DISCUSS to ABSTAIN.

It still feels like the document is doing something "hacky" because implementations don't really deal with extensions. I understand that this is a pragmatic solution (and a really clever hack!), but it feels like it falls into the "so sharp you'll cut yourself" type territory. The reason that I'm removing my DISCUSS is that Miroslav clarified (https://mailarchive.ietf.org/arch/msg/ntp/dzZ6W5oPaFS1lMCtNdFgWj8FAPw/) that this has been extensively tested in the real world, and works:
"Yes, it has, quite extensively.

There is a large number of public NTP servers that have the server support enabled. I have also captured and analyzed terabytes of NTP traffic on several public servers in different regions to confirm that it doesn't break any existing implementations."
2021-07-15
06 Warren Kumari [Ballot Position Update] Position for Warren Kumari has been changed to Abstain from Discuss
2021-07-14
06 Erik Kline Removed from agenda for telechat
2021-07-14
06 Benjamin Kaduk
[Ballot comment]
While this is an interesting approach, and a very clever technique to
add new functionality in the face of perceived constraints, it's not …
[Ballot comment]
While this is an interesting approach, and a very clever technique to
add new functionality in the face of perceived constraints, it's not
clear to me that the perceived constraints are indeed constraints in
reality -- this possible mismatch between perceived constraints and
actual constraints seems to be at the core of Warren and Rob's discuss
points, so I will not belabor it further here.  Furthermore, the overall
quality of the document in terms of describing the protocol does not
seem to be at the level that I have come to expect from proposed
standards. In particular, if I tried to implement this protocol, I think
I would find myself needing to make guesses or choose among multiple
possible interpretations of the text in many places.  Accordingly, I
can't support publishing this document as a proposed standard in its
current form, so I'm balloting Abstain.  It would certainly be possible
to improve the document into a form that I can support, but since I
don't have a specific list of actionable changes that would be needed to
do so, I have to ballot Abstain rather than Discuss.

The discussion of "user space"/"kernel", "system call", and the like
seems to implicitly assume a certain architecture and may not be
applicable to fully all devices speaking NTP.  But these are certainly
common architectures and abstractions, and I don't expect that using
this framing for the discussion will hamper readability.

There seem to be some scenarios where packets can be sent in both basic
mode and interleaved mode within the same association, and it cannot
always be predicted whether a response or "next message" will be in
interleaved mode or not.  It seems like this could present significant
implementation complexity in terms of deciding whether or not to process
a packet "now" as a basic-mode packet or wait for a follow-up that
includes the more-accurate interleaved-mode timestamp, or some more
complicated combination of the two.  Is there any implementation
guidance that we can give about how to process packets when there may or
may not be a later follow-up with a correction to it?

Section 1

  Requests and responses cannot always be formed in interleaved mode.
  Servers, clients, and peers are required to support both interleaved
  and basic modes.

I'm not sure I understand the intended statement of requirement here.
Are we proposing (by virtue of Updates: 5905) that all NTP
implementations are required to support interleaved mode?  Or just that,
in order to use interleaved mode, all parties are required to have
support for it?

Section 2

Breaking this up into subsections might help readability.

  A client request in the basic mode has an origin timestamp equal to
  the transmit timestamp from the previous server response, or is zero.
  A server response in the basic mode has an origin timestamp equal to
  the transmit timestamp from the client's request.  The transmit
  timestamps correspond to the packets in which they are included.

Since we use the receive timestamp from the client's request in some of
our later discussion, I would strongly suggest including the receive
timestamp in the description of basic mode here (and interleaved mode in
the subsequent paragraph).

  A client request in the interleaved mode has an origin timestamp
  equal to the receive timestamp from the previous server response.  A
  server response in the interleaved mode has an origin timestamp equal
  to the receive timestamp from the client's request.  The transmit
  timestamps correspond to the previous packets that were sent to the
  server or client.

Please provide a lot more precision about what "transmit timestamps
correspond to the previous packets" means -- I might guess that it's
just (client, server) using the same transmit timestamp used by the
(client, server) to generate the initial exchange that preceded
interleaved mode, but I also might guess a lot of other things.

  The transmit and receive timestamps in server responses need to be
  unique to prevent two different clients from sending requests with
  the same origin timestamp and the server responding in the
  interleaved mode with an incorrect transmit timestamp.  If the

IIUC (having read the rest of the document), the requirement here is
that if we take the union of all transmit timestamps and all receive
timestamps generated by the server, there must be no duplicates.  This
text as written did not lead me to that conclusion; I had initially
assumed that it only meant "for each response packet generated, do not
generate x.rec == x.xmt", which is a much weaker condition (and very
hard to achieve accidentally!).  I strongly suggest rewording to improve
clarity.

  timestamps are not guaranteed to be monotonically increasing, the
  server SHOULD check that the transmit and receive timestamp is not
  already saved as a receive timestamp of a previous request (from the
  same IP address if the server separates timestamps by addresses), and
  generate a new timestamp if necessary.

It would be nice to have a little more exposition on whether it's
only monotonicity of transmit timestamps that's important for being able
to skip this check, since "the timestamps" as written could also refer
to the receive timestamp given the previous discussion.  Additionally,
the mention of "transmit and receive timestamp is not already saved"
implies that this check is only needed when the two timestamps have the
same value, and I'm not entirely sure whether that's the case.

  A response in the interleaved mode MUST contain the transmit
  timestamp of the response which contained the receive timestamp
  matching the origin timestamp from the request.  [...]

"contain" doesn't say much about containing *where*; I suggest being
very clear that it contains in the transmit timestamp field the same
transmit timestamp used in the previous response.

  The first request from a client is always in the basic mode and so is
  the server response.  It has a zero origin timestamp and zero receive
  timestamp.  Only when the client receives a valid response from the
  server, it will be able to send a request in the interleaved mode.

While this is true of the first request ever, it's not quite true for
the first request of a given exchange, since RFC 5905 allows the client
to send the transmit timestamp from a previous server response as the
origin timestamp.  We do mention at the end of the section that
draft-ietf-ntp-data-minimization recommends sending zero as the origin
timestamp, but that's of course not something that can be strongly
relied upon.  I'd actually suggest just noting here that the first
request has to be detected to be in basic mode, and forward-reference a
dedicated subsection at the end of the section that talks about how to
identify such requests.

  When the client receives a response from the server, it performs the
  tests described in RFC 5905.  Two of the tests are modified for the
  interleaved mode:

Indicating more precisely exactly which tests are modified (e.g., that
these are the numbered tests from figure 22 of RFC 5905) could be
useful.

  1.  The check for duplicate packets SHOULD compare both receive and
      transmit timestamps in order to not drop a valid response in the
      interleaved mode if it follows a response in the basic mode and
      they contain the same transmit timestamp.

  2.  The check for bogus packets SHOULD compare the origin timestamp
      with both transmit and receive timestamps from the request.  If
      the origin timestamp is equal to the transmit timestamp, the
      response is in the basic mode.  If the origin timestamp is equal
      to the receive timestamp, the response is in the interleaved
      mode.

If I understand correctly, ignoring either of these SHOULDs would result in
completely failing to use interleaved mode.  Does that mean that they're
MUSTs?

  A check for a non-zero origin timestamp works with clients that
  implement NTP data minimization [I-D.ietf-ntp-data-minimization].  To
  detect requests in the basic mode from clients that do not implement
  the data minimization, the server can encode in low-order bits of the
  receive and transmit timestamps below precision of the clock a bit
  indicating whether the timestamp is a receive timestamp.  If the
  server receives a request with a non-zero origin timestamp which does
  not indicate it is a receive timestamp of the server, the request is
  in the basic mode and it is not necessary to save the new receive and
  transmit timestamp.

In the vein of my earlier comment, I'd suggest rewording this
significantly and making it a dedicated subsection on detecting if a
request is in basic or interleaved mode.  That might look something like
this:

% As part of request processing, the server must determine whether a
% given request is in basic or interleaved mode (and thus whether or not
% to respond in basic or interleaved mode).  A request with a zero
% origin timestamp is unambiguously in basic mode, but RFC 5905 allows a
% client to send a request with a non-zero origin timestamp copied from
% the transmit timestamp of a previous response from that server.  While
% [I-D.ietf-ntp-data-minimization] recommends always using zero for the
% request's origin timestamp, that is not a behavior that the server can
% rely upon, and so an additional mechanism is needed in order to detect
% whether a request with non-zero origin timestamp is in basic mode.
% While having the server store all the transmit timestamps it has
% previously used (potentially scoped to just this client), combined
% with a requirement to maintain uniqueness across all of the transmit
% and receive timestamps the server generates, would perform this
% function, it would require an unfeasible amount of resources and
% degrade the quality of time synchronization.  An alternate approach is
% to use a low-order bit in the timestamp field, below the precision of
% the server's clock, to indicate whether a timestamp is sent as a
% transmit timestamp or a receive timestamp.  When processing requests
% with non-zero origin timestamps, that bit can then be used to
% determine whether the request was in basic mode (transmit timestamp)
% or interleaved mode (receive timestamp).

Section 3

  The interleaved symmetric mode uses the same principles as the
  interleaved client/server mode.  A packet in the interleaved
  symmetric mode has a transmit timestamp which corresponds to the
  previous packet sent to the peer [...]

Please apply the same change regarding "corresponds to" that was made in
§2.

  In order to prevent the peer from matching the transmit timestamp
  with an incorrect packet when the peers' transmissions do not
  alternate (e.g. they use different polling intervals) and a previous
  packet was lost, the use of the interleaved mode in symmetric
  associations requires additional restrictions.

Though the specific "restrictions" are enumerated as specific conditions
below (scare quotes since they are only "SHOULD"-level requirements),
the subsequent discussion suggests that in practice there are also
implications on the relationship between the polling intervals of the
two peers.  Should we say something here about how the polling intervals
should be within a factor of (1.5? 2?) of each other in order for
interleaved mode to be feasible?

  A peer A SHOULD send a peer B a packet in the interleaved mode only
  when all of the following conditions are met:

What happens if I violate this SHOULD?

  third packet sent by the peer A is in the interleaved mode.  The
  second packet sent by the peer B is in the interleaved mode, but the
  following packets sent by the peer are in the basic mode, because
  multiple responses are sent per request.

Please clarify whether the final "the peer" is peer A or peer B (or is
meant to be "the peers" plural).

  The peers SHOULD compute the offset and delay using one of the two
  sets of timestamps specified in the client/server section.  They MAY
  switch between them to minimize the interval between T1 and T4 in
  order to reduce the error in the measured delay.

One of the sets of timestamps doesn't use T1, so I'm not sure what is
supposed to be minimized here.

Section 4

  If the difference is larger than a specified maximum (e.g. 1 second),
  the packet SHOULD NOT be used for synchronization.

Not used at all, or used only in basic mode?

Section 7

  Clients using the interleaved mode SHOULD randomize all bits of both
  receive and transmit timestamps, as recommended for the transmit
  timestamp in the NTP client data minimization
  [I-D.ietf-ntp-data-minimization], to make it more difficult for off-
  path attackers to guess the origin timestamp.  [...]

I would suggest going into a little more detail on the scope of
consequences if an off-path attacker does successfully guess the origin
timestamp.

  Protecting symmetric associations in the interleaved mode against
  replay attacks is even more difficult than in the basic mode.  The
  NTP state needs to be protected not only between the reception and
  transmission in order to send the peer a packet with a valid origin
  timestamp, but all the time to not lose the timestamps which will be
  needed to complete a measurement when the following packet in the
  interleaved mode is received.

Is there some existing guidance on how to protect symmetric associations
that we can refer to (and would be effective under these constraints)?

NITS

Section 1

  This document describes an interleaved client/server, interleaved
  symmetric, and interleaved broadcast mode.  In these modes, the
  server sends a single packet, which contains a transmit timestamp
  corresponding to the previous packet that was sent to the client or
  peer.  [...]

The "sends a single packet" phrasing is a little weird, since we have a
four-packet architecture and the comparison we're making is that any
given request gets only a single response, not that there is only one
packet needed overall.

Section 2

  The client SHOULD NOT update its NTP state when an invalid response
  is received to not lose the timestamps which will be needed to
  complete a measurement when the subsequent response in the
  interleaved mode is received.

I suggest a comma after "invalid response is received".
2021-07-14
06 Benjamin Kaduk [Ballot Position Update] New position, Abstain, has been recorded for Benjamin Kaduk
2021-07-13
06 Alvaro Retana [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana
2021-07-12
06 Lars Eggert
[Ballot comment]
I support Warren's DISCUSS on this. Based on the outcome of the discussion, I
may change my ballot position to an ABSTAIN.

Section …
[Ballot comment]
I support Warren's DISCUSS on this. Based on the outcome of the discussion, I
may change my ballot position to an ABSTAIN.

Section 1. , paragraph 15, comment:
>    An explicit negotiation would require a new extension field,
>    which would not work well with implementations that do not respond to
>    requests with unknown extension fields.

Aren't such implementations in violation of the NTP specification? If so,
shouldn't they be fixed instead of jumping through hoops here to avoid the need
for negotiation? Especially since at some point, there will likely be the need
for negotiation for some other NTP extension. Better bite the bullet now?

-------------------------------------------------------------------------------
All comments below are about very minor potential issues that you may choose to
address in some way - or ignore - as you see fit. Some were flagged by
automated tools (via https://github.com/larseggert/ietf-reviewtool), so there
will likely be some false positives. There is no need to let me know what you
did with these suggestions.

Section 1. , paragraph 11, nit:
-    packet that strictly follows RFC 5905, i.e. it contains a transmit
-                                              ^^^
+    packet that strictly follows RFC 5905, i.e., contains a transmit
+                                              ^

Document references draft-ietf-ntp-port-randomization-06, but -08 is the latest
available revision.

These URLs in the document can probably be converted to HTTPS:
* http://www.ntp.org
* http://eprint.iacr.org/2016/1006
2021-07-12
06 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded for Lars Eggert
2021-07-09
06 Martin Duke [Ballot Position Update] New position, No Objection, has been recorded for Martin Duke
2021-07-01
06 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed
2021-07-01
06 Miroslav Lichvar New version available: draft-ietf-ntp-interleaved-modes-06.txt
2021-07-01
06 (System) New version approved
2021-07-01
06 (System) Request for posting confirmation emailed to previous authors: Aanchal Malhotra , Miroslav Lichvar
2021-07-01
06 Miroslav Lichvar Uploaded new revision
2021-06-29
05 Erik Kline Telechat date has been changed to 2021-07-15 from 2021-07-01
2021-06-29
05 Erik Kline IESG state changed to IESG Evaluation - Defer from IESG Evaluation
2021-06-28
05 Robert Wilton
[Ballot discuss]
Hi,

Disclaimer, I don't know NTP.

Thanks for this document, and whilst I agree with Eric that the mechanism is clever, I am …
[Ballot discuss]
Hi,

Disclaimer, I don't know NTP.

Thanks for this document, and whilst I agree with Eric that the mechanism is clever, I am less convinced that it is wise.  Specifically, I have a deep concern with repurposing fields to have a different meaning with no indication other than heuristics on the field to deduce their true meaning.  It feels to me that this pseudo-extension will operationally make NTP harder to manage and to debug issues.

I note that Daniel Franke suggested that this extra information be carried in extension fields, but the authors are concerned with the increase in packet size causing problems.  I didn't really understand the explanation as to why this would be a problem, in that it is comparing the length between basic and extended packets, but if the extension was negotiated then could all packets use the extension fields and be of the same length?  Or is it simply the increase in packet length that is an issue?

Alternatively, would it at least be possible to use an extension field to flag that the fields now have a different meaning?  Would that allow receivers to discard the packets with an "unknown extension" warning rather than a "the peer seems to be sending me garbage" error.

Regards,
Rob
2021-06-28
05 Robert Wilton [Ballot comment]
Note, it looks like the wrong shepherd writeup has been uploaded on the datatracker page.
2021-06-28
05 Robert Wilton [Ballot Position Update] New position, Discuss, has been recorded for Robert Wilton
2021-06-28
05 Warren Kumari
[Ballot discuss]
I'm quite uncomfortable with the "we'll just change the meaning of some fields, and implementations will be fine with this" tone.
The document …
[Ballot discuss]
I'm quite uncomfortable with the "we'll just change the meaning of some fields, and implementations will be fine with this" tone.
The document says: "An explicit negotiation would require a new extension field, which would not work well with implementations that do not respond to requests with unknown extension fields.", and so this plays some tricks to encode information in existing fields. This feels incredibly hacky, but I figured that it's probably all fine if it has been shown to work well across a very very large set of implementations without causing backward issues.

The Shepherd Writeup (https://datatracker.ietf.org/doc/draft-ietf-ntp-interleaved-modes/shepherdwriteup/ ) says:
"There are multiple implementations of the document. They are discussed in Section 5, entitled "Implementation Status".", so I felt hopeful that there had been extensive testing, but I was not able to find a section entitled "Implementation Status" in any version of draft-mlichvar-ntp-interleaved-modes or draft-ietf-ntp-interleaved-modes.

What I *did* find was:
5.  Acknowledgements

  The interleaved modes described in this document are based on the
  implementation written by David Mills in the NTP project [1].  The
  specification of the broadcast mode is based purely on this
  implementation.  The specification of the symmetric mode has some
  modifications.  The client/server mode is specified as a new mode
  compatible with the symmetric mode, similarly to the basic symmetric
  and client/server modes.




So, from what I understand, the broadcast mode is based in the linked implementation (a pointer to where in the codebase this is implemented would have been much more helpful than just a link to http://www.ntp.org), but the more complex, and (FWICT) likely to cause interoperability issues pars have  "some modifications" and "a new mode compatible with the symmetric mode".

So, are there in fact "multiple implementations of the document."? Has there been interoperability testing to confirm that there are no backwards compatibility issues?
Much of the document feels somewhat hand-wavy regarding the compatibility with existing implementations, as well as in things like:
"The client SHOULD limit the number of requests in the interleaved mode between server responses to prevent processing of very old timestamps in case a large number of consecutive requests is lost." -- SHOULD limit to what number? 1? 3? 17?
2021-06-28
05 Warren Kumari
[Ballot comment]
When the document says things like:
"A peer A SHOULD send a peer B a packet in the interleaved mode only when the …
[Ballot comment]
When the document says things like:
"A peer A SHOULD send a peer B a packet in the interleaved mode only when the following conditions are met:"
I'm assuming that this means "only when the **all** following conditions are met:"? If so, it needs to be explicit.

To be clear, when the document says:
"1.  The peer A has an active association with the peer B which was
      specified with the option enabling the interleaved mode, OR the
      peer A received at least one valid packet in the interleaved mode
      from the peer B."

If "peer A has an active association with the peer B which was **not** specified with the option enabling the interleaved mode" and "peer A receive[s] at least one valid packet in the interleaved mode from the peer B." should it enable interleaved mode? How is an operator supposed to know if they should enable this mode when talking to a peer?

As far as I can tell, this adds a significant amount of state keeping to server implementations. The document does somewhat mention this ("A server which supports the interleaved mode needs to save pairs of local receive and transmit timestamps.  The server SHOULD discard old timestamps to limit the amount of memory needed to support clients using the interleaved mode."), but it seems like this is a fairly large change, and this bit of text doesn't really cover the state requirements.
2021-06-28
05 Warren Kumari [Ballot Position Update] New position, Discuss, has been recorded for Warren Kumari
2021-06-28
05 Éric Vyncke
[Ballot comment]
Thank you for the work put into this document. I really like the idea behind this I-D: simple and smart ;-)

Please find …
[Ballot comment]
Thank you for the work put into this document. I really like the idea behind this I-D: simple and smart ;-)

Please find below some non-blocking COMMENT points.

I hope that this helps to improve the document,

Regards,

-éric

-- Section 2 --
"  The server MAY separate the timestamps
  by IP addresses, but it SHOULD NOT separate them by port numbers,
  i.e.  clients are allowed to change their source port between
  requests."
With draft-ietf-ntp-port-randomization in mind, please change the "clients are allowed" into "clients are recommended to"

"  Both servers and clients that support the interleaved mode MUST NOT
  send a packet that has a transmit timestamp equal to the receive
  timestamp"
Will it always be possible to comply with the above "MUST NOT" ?
2021-06-28
05 Éric Vyncke [Ballot Position Update] New position, No Objection, has been recorded for Éric Vyncke
2021-06-22
05 Cindy Morgan Placed on agenda for telechat - 2021-07-01
2021-06-22
05 Erik Kline Ballot has been issued
2021-06-22
05 Erik Kline [Ballot Position Update] New position, Yes, has been recorded for Erik Kline
2021-06-22
05 Erik Kline Created "Approve" ballot
2021-06-22
05 Erik Kline IESG state changed to IESG Evaluation from Waiting for Writeup
2021-06-22
05 Erik Kline Ballot writeup was changed
2021-04-14
05 (System) IESG state changed to Waiting for Writeup from In Last Call
2021-04-09
05 (System) IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed
2021-04-09
05 Sabrina Tanamal
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has reviewed draft-ietf-ntp-interleaved-modes-04, which is currently in Last Call, and has the following comments:

We …
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has reviewed draft-ietf-ntp-interleaved-modes-04, which is currently in Last Call, and has the following comments:

We understand that this document doesn't require any registry actions.

While it's often helpful for a document's IANA Considerations section to remain in place upon publication even if there are no actions, if the authors strongly prefer to remove it, we do not object.

If this assessment is not accurate, please respond as soon as possible.

Thank you,

Sabrina Tanamal
Senior IANA Services Specialist
2021-04-08
05 Miroslav Lichvar New version available: draft-ietf-ntp-interleaved-modes-05.txt
2021-04-08
05 (System) New version approved
2021-04-08
05 (System) Request for posting confirmation emailed to previous authors: Aanchal Malhotra , Miroslav Lichvar
2021-04-08
05 Miroslav Lichvar Uploaded new revision
2021-04-08
04 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Carlos Martínez
2021-04-08
04 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Carlos Martínez
2021-04-06
04 Reese Enghardt Request for Last Call review by GENART Completed: Ready with Issues. Reviewer: Theresa Enghardt. Sent review to list.
2021-04-01
04 Jean Mahoney Request for Last Call review by GENART is assigned to Theresa Enghardt
2021-04-01
04 Jean Mahoney Request for Last Call review by GENART is assigned to Theresa Enghardt
2021-04-01
04 Tero Kivinen Request for Last Call review by SECDIR is assigned to Catherine Meadows
2021-04-01
04 Tero Kivinen Request for Last Call review by SECDIR is assigned to Catherine Meadows
2021-03-31
04 Cindy Morgan IANA Review state changed to IANA - Review Needed
2021-03-31
04 Cindy Morgan
The following Last Call announcement was sent out (ends 2021-04-14):

From: The IESG
To: IETF-Announce
CC: draft-ietf-ntp-interleaved-modes@ietf.org, ek.ietf@gmail.com, ntp-chairs@ietf.org, ntp@ietf.org, odonoghue@isoc.org …
The following Last Call announcement was sent out (ends 2021-04-14):

From: The IESG
To: IETF-Announce
CC: draft-ietf-ntp-interleaved-modes@ietf.org, ek.ietf@gmail.com, ntp-chairs@ietf.org, ntp@ietf.org, odonoghue@isoc.org
Reply-To: last-call@ietf.org
Sender:
Subject: Last Call:  (NTP Interleaved Modes) to Proposed Standard


The IESG has received a request from the Network Time Protocol WG (ntp) to
consider the following document: - 'NTP Interleaved Modes'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@ietf.org mailing lists by 2021-04-14. Exceptionally, comments may
be sent to iesg@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


  This document extends the specification of Network Time Protocol
  (NTP) version 4 in RFC 5905 with special modes called the NTP
  interleaved modes, that enable NTP servers to provide their clients
  and peers with more accurate transmit timestamps that are available
  only after transmitting NTP packets.  More specifically, this
  document describes three modes: interleaved client/server,
  interleaved symmetric, and interleaved broadcast.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-ntp-interleaved-modes/



No IPR declarations have been submitted directly on this I-D.




2021-03-31
04 Cindy Morgan IESG state changed to In Last Call from Last Call Requested
2021-03-31
04 Erik Kline Last call was requested
2021-03-31
04 Erik Kline Last call announcement was generated
2021-03-31
04 Erik Kline Ballot approval text was generated
2021-03-31
04 Erik Kline Ballot writeup was generated
2021-03-31
04 Erik Kline IESG state changed to Last Call Requested from AD Evaluation::AD Followup
2021-03-31
04 Erik Kline
Just a few random thoughts.  Feel free to ignore.  I'll advance this
draft -04 to request LC, so no need to rev a -05 at …
Just a few random thoughts.  Feel free to ignore.  I'll advance this
draft -04 to request LC, so no need to rev a -05 at this time.

[[ comments / questions / nits ]]

[ section 2 ]

* It's probably just me, but "to the following request" read to me as though
  there would be, following this sentence, a description of the next request.
  Up to you, but perhaps "to the subsequent request"?

* The diagram in Figure 1 (and 2 and 3) is very helpful, thank you.

  If I may, though, I found the use of "'" to be slightly confusing.  It
  clashed with my expectations from (increasingly remote in time) maths
  where I would consider x' to be a future/subsequent value different from
  x (where the direction of change is reversed, if you see what I mean).

  I see that it's important to keep the T1/T3/... formula text consistent
  and simple.  Perhaps consider an alternate modifier symbol, like t1~, t11~
  or something (~ sometimes is used to indicate "approximate" values,
  I think)?

  If you do consider this, then don't forget to make Figures 2 and 3
  consistent as well.
2021-03-31
04 Erik Kline IESG state changed to AD Evaluation::AD Followup from AD Evaluation
2021-03-30
04 (System) Changed action holders to Erik Kline (IESG state changed)
2021-03-30
04 Erik Kline IESG state changed to AD Evaluation from Publication Requested
2021-03-20
04 Karen O'Donoghue
(1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? …
(1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header?

Proposed standard. The RFC type is indicated on the title page header.

This document updates RFC5905, replacing text from RFC5095 to recommend the use of transport-protocol ephemeral port randomization for NTP modes where use of the service port is not required. Thus, it requires a Standards Track document.


(2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections:

Technical Summary:

Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction.

The Network Time Protocol can operate in several modes.  Some of these modes are based on the receipt of unsolicited packets, and therefore require the use of a well-known port as the local port number.  However, in the case of NTP modes where the use of a well-known port is not required, employing such well-known port unnecessarily increases the ability of attackers to perform blind/off-path attacks.  This document formally updates RFC5905, recommending the use of transport-protocol ephemeral port randomization for those modes where use of the NTP well-known port is not required.
 
 
Working Group Summary:

Was there anything in WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough?

There was nothing particularly noteworthy in the WG process.


Document Quality:

Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, YANG Doctor, Media Type or other expert review, what was its course (briefly)? In the case of a Media Type review, on what date was the request posted?

There are multiple implementations of the document. They are discussed in Section 5, entitled "Implementation Status".


Personnel:

Who is the Document Shepherd? Who is the Responsible Area Director?

Karen O'Donoghue is the Document Shepherd. Erik Kline is the Responsible Area Director.


(3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG.

This document is an update of RFC5905. The document shepherd has reviewed the proposed change to that document, and has performed a thorough read of the entire document.


(4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed?

No.


(5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place.

No.


(6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here.

There are no concerns.


(7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why?

All co-authors have confirmed conformance.


(8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures.

No.


(9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it?

There is WG consensus behind the document.


(10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.)

No.


(11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough.

ID nits was run on 11 Feb 2021. The results at that time were:
Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--).
These are minor issues that will be addressed during the next stage of publication including the update of an outdated informative reference.

(12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, YANG Doctor, media type, and URI type reviews.

None required.


(13) Have all references within this document been identified as either normative or informative?

Yes.


(14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion?

No.


(15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure.

There are no downward references.


(16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary.

This document updates RFC5905. This is listed on the title page header and the abstract, and discussed in the introduction.


(17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 8126).

There are no IANA considerations.


(18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries.

None.


(19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, YANG modules, etc.

None.


(20) If the document contains a YANG module, has the module been checked with any of the recommended validation tools (https://trac.ietf.org/trac/ops/wiki/yang-review-tools) for syntax and formatting validation? If there are any resulting errors or warnings, what is the justification for not fixing them at this time? Does the YANG module comply with the Network Management Datastore Architecture (NMDA) as specified in RFC8342?

This document does not contain a YANG module.

2021-03-20
04 Karen O'Donoghue Responsible AD changed to Erik Kline
2021-03-20
04 Karen O'Donoghue IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up
2021-03-20
04 Karen O'Donoghue IESG state changed to Publication Requested from I-D Exists
2021-03-20
04 Karen O'Donoghue IESG process started in state Publication Requested
2021-03-20
04 Karen O'Donoghue
(1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? …
(1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header?

Proposed standard. The RFC type is indicated on the title page header.

This document updates RFC5905, replacing text from RFC5095 to recommend the use of transport-protocol ephemeral port randomization for NTP modes where use of the service port is not required. Thus, it requires a Standards Track document.


(2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections:

Technical Summary:

Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction.

The Network Time Protocol can operate in several modes.  Some of these modes are based on the receipt of unsolicited packets, and therefore require the use of a well-known port as the local port number.  However, in the case of NTP modes where the use of a well-known port is not required, employing such well-known port unnecessarily increases the ability of attackers to perform blind/off-path attacks.  This document formally updates RFC5905, recommending the use of transport-protocol ephemeral port randomization for those modes where use of the NTP well-known port is not required.
 
 
Working Group Summary:

Was there anything in WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough?

There was nothing particularly noteworthy in the WG process.


Document Quality:

Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, YANG Doctor, Media Type or other expert review, what was its course (briefly)? In the case of a Media Type review, on what date was the request posted?

There are multiple implementations of the document. They are discussed in Section 5, entitled "Implementation Status".


Personnel:

Who is the Document Shepherd? Who is the Responsible Area Director?

Karen O'Donoghue is the Document Shepherd. Erik Kline is the Responsible Area Director.


(3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG.

This document is an update of RFC5905. The document shepherd has reviewed the proposed change to that document, and has performed a thorough read of the entire document.


(4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed?

No.


(5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place.

No.


(6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here.

There are no concerns.


(7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why?

All co-authors have confirmed conformance.


(8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures.

No.


(9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it?

There is WG consensus behind the document.


(10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.)

No.


(11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough.

ID nits was run on 11 Feb 2021. The results at that time were:
Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--).
These are minor issues that will be addressed during the next stage of publication including the update of an outdated informative reference.

(12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, YANG Doctor, media type, and URI type reviews.

None required.


(13) Have all references within this document been identified as either normative or informative?

Yes.


(14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion?

No.


(15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure.

There are no downward references.


(16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary.

This document updates RFC5905. This is listed on the title page header and the abstract, and discussed in the introduction.


(17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 8126).

There are no IANA considerations.


(18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries.

None.


(19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, YANG modules, etc.

None.


(20) If the document contains a YANG module, has the module been checked with any of the recommended validation tools (https://trac.ietf.org/trac/ops/wiki/yang-review-tools) for syntax and formatting validation? If there are any resulting errors or warnings, what is the justification for not fixing them at this time? Does the YANG module comply with the Network Management Datastore Architecture (NMDA) as specified in RFC8342?

This document does not contain a YANG module.

2021-03-20
04 Karen O'Donoghue Notification list changed to odonoghue@isoc.org because the document shepherd was set
2021-03-20
04 Karen O'Donoghue Document shepherd changed to Karen O'Donoghue
2021-03-20
04 Karen O'Donoghue IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call
2021-03-08
04 Karen O'Donoghue Added to session: IETF-110: ntp  Tue-1700
2020-09-17
04 Miroslav Lichvar New version available: draft-ietf-ntp-interleaved-modes-04.txt
2020-09-17
04 (System) New version approved
2020-09-17
04 (System) Request for posting confirmation emailed to previous authors: Miroslav Lichvar , Aanchal Malhotra
2020-09-17
04 Miroslav Lichvar Uploaded new revision
2020-08-06
03 (System) Document has expired
2020-07-21
03 Karen O'Donoghue Added to session: IETF-108: ntp  Fri-1100
2020-02-03
03 Miroslav Lichvar New version available: draft-ietf-ntp-interleaved-modes-03.txt
2020-02-03
03 (System) New version approved
2020-02-03
03 (System) Request for posting confirmation emailed to previous authors: Miroslav Lichvar , Aanchal Malhotra
2020-02-03
03 Miroslav Lichvar Uploaded new revision
2019-11-24
02 (System) Document has expired
2019-05-23
02 Miroslav Lichvar New version available: draft-ietf-ntp-interleaved-modes-02.txt
2019-05-23
02 (System) New version approved
2019-05-23
02 (System) Request for posting confirmation emailed to previous authors: Miroslav Lichvar , Aanchal Malhotra
2019-05-23
02 Miroslav Lichvar Uploaded new revision
2018-12-14
01 Miroslav Lichvar New version available: draft-ietf-ntp-interleaved-modes-01.txt
2018-12-14
01 (System) New version approved
2018-12-14
01 (System) Request for posting confirmation emailed to previous authors: Miroslav Lichvar , Aanchal Malhotra
2018-12-14
01 Miroslav Lichvar Uploaded new revision
2018-11-06
00 Karen O'Donoghue Changed consensus to Yes from Unknown
2018-11-06
00 Karen O'Donoghue Intended Status changed to Proposed Standard from Informational
2018-11-06
00 Karen O'Donoghue Intended Status changed to Informational from None
2018-11-06
00 Karen O'Donoghue IETF WG state changed to In WG Last Call from WG Document
2018-11-03
00 Dieter Sibold Added to session: IETF-103: ntp  Tue-1610
2018-07-04
00 Karen O'Donoghue Added to session: IETF-102: ntp  Wed-0930
2018-06-28
00 Karen O'Donoghue This document now replaces draft-mlichvar-ntp-interleaved-modes instead of None
2018-06-28
00 Miroslav Lichvar New version available: draft-ietf-ntp-interleaved-modes-00.txt
2018-06-28
00 (System) WG -00 approved
2018-06-28
00 Miroslav Lichvar Set submitter to "Miroslav Lichvar ", replaces to draft-mlichvar-ntp-interleaved-modes and sent approval email to group chairs: ntp-chairs@ietf.org
2018-06-28
00 Miroslav Lichvar Uploaded new revision