Network Time Protocol Suggest REFID Extension Field
This is an older version of an Internet-Draft whose latest revision state is "Expired".
Expired & archived
|Last updated||2016-09-15 (Latest revision 2016-03-14)|
|RFC stream||Internet Engineering Task Force (IETF)|
|Additional resources||Mailing list discussion|
|Stream||WG state||Candidate for WG Adoption|
|Send notices to||(None)|
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
NTP has been widely used through several revisions, with the latest being RFC 5905 [RFC5905]. A core component of the protocol and the algoritms is the Reference ID, or REFID, which is used to identify the source of time used for synchronization. Traditionally, when the source of time was another system the REFID was the IPv4 address of that other system. The purpose of the REFID is to prevent a one- degree timing loop, where if A has several timing sources that include B, if B decides to get its time from A we don't want A then deciding to get its time from B. The REFID is considered to be "public data" and is a vital core-component of the base NTP packet. If a system's REFID is the IPv4 address of its system peer, an attacker can try to use that information to send spoofed time packets to either or both the target or the target's server, attempting to cause a disruption in time service. This proposal is a backward- compatible way for a time source to tell its peers or clients "If you use me as your system peer, use this nonce as your REFID." This nonce SHOULD not be traceable to the original system, and if it is used as the REFID this type of attack is prevented.
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)