Skip to main content

Minutes interim-2017-ntp-01: Thu 15:00
minutes-interim-2017-ntp-01-201705251500-00

Meeting Minutes Network Time Protocols (ntp) WG
Date and time 2017-05-25 15:00
Title Minutes interim-2017-ntp-01: Thu 15:00
State Active
Other versions plain text
Last updated 2017-06-18

minutes-interim-2017-ntp-01-201705251500-00

NTP WG INTERIM MEETING

25 May 2017, 3 pm UTC

PARTICIPANTS:

Aanchal Malhotra, Ankit Kumar Sinha, Daniel Franke, Danny Meyer, Dave
Mills, Denis Reilly, Dhruv Dhody, Dieter Sibold, Harlan Stenn, Karen
O’Donoghue, Kristof Teichel, Kyle Rose, Miroslav Lichvar, Peter Meyer,
Richard Welty, Robert Nay, Robert Annessie, Ronan Flood, Sharon
Goldberg, Steward Bryant, Sue Graves, Tal Mizrahi, Yaakov Stein, Scott
Fluhrer

-   Karen: Presentation of IETF Note Well
-   Nobody opposed to record this meeting

AGENDA

-   Network Time Security
-   BCP
-   Data Minimization
-   Message Authentication Code
-   Extension fields and RefID
-   YANG Data Model
-   AOB

OVERVIEW/SUMMARY/NEXT STEPS FOR THE NTS DOCUMENTS.

draft-ietf-ntp-network-time-security
draft-ietf-ntp-network-time-security

-   Daniel reported on the draft 'draft-ietf-ntp-network-time-security'.
    -   The normative parts of the draft are more or less final.
    -   The Security Consideration section will be extended before the
        next submission.
    -   Daniel plans to submit the changed version by the end of March
        and will request the WGLC for it immediately after. The WGLC
        will cover the draft 'draft-ietf-ntp-network-time-security'
        only. It will not cover the other NTS related specifications.
    -   Summary of the changes:
        -   Reduction of the size of the NTS next protocol negotiation
            record
        -   Changes to the IANA Consideration section
        -   Corrections of some inconsistencies which results from the
            removal of the DLTS packet smuggling
        -   Management of keys and cookies for load balanced servers
-   Karen proposes to give the working group a one week time frame to
    comment on the draft. After that period the the WGLC shall be issued
    if there is no objections against it. She would like to have a
    virtual interim meeting by the end of June to discuss the results
    from the WGLC. Because this interim meeting would take place just
    two weeks before the next IETF meeting all participants agreed to
    not have it.
-   Kristof will update the generic draft
    'draft-ietf-ntp-network-time-security' by the end of June.

Summary

-   Daniel to publish update by 26 May.
-   WG has until 31 May to indicate that the document is NOT ready for
    working group last call (WGLC)
-   If no strong opposition, document will go to WGLC in early June.
-   Kristof will work on updating the generic NTS document by the end of
    June.

BCP: OVERVIEW/SUMMARY/ NEXT STEPS FROM THE WGLC

draft-ietf-ntp-bcp

-   In April Denis submitted an update of the document. The changes were
    based on the comments received during the WGLC period.
-   An additional update of the documents were submitted last Monday
    (version 4), based on some additional feedback. It contains text
    changes for the leap seconds, autokey, anycast sections.
-   Denis points out that even when the document talks about the
    reference implementation it brings up ideas that are applicable to
    other implementations as well.
-   Denis makes clear that all the feedback of the WGLC are incorporated
    into the latest version of the draft.
-   Karen asks if we received feedback that indicates that the draft is
    not ready for publication if this feedback is not incorporated.
-   Denis: Daniel suggested mandatory changes to the autokey section in
    order to approve the document. The draft was updated accordingly.
    This was the only feedback that was requested to be fixed.
-   Daniel indicates no objection to the changes made.
-   Karen: if there are no opposition by tomorrow it can be submitted
    for publication.
-   Karen describes the next steps necessary for publication of the
    document. Next steps include approval by the AD, a IETF Last Call,
    IESG review.
-   Sharon ask for the appropriate time to sum minor comments on the
    draft.
-   Denis ask for a dead line for minor changes.
-   Karen: Minor changes until May 31th.

Summary

-   Update addressing all WGLC comments has been published.
-   WG has until 31 May to indicate that the updated document should NOT
    be forwarded to the IESG.
-   Chairs will forward to IESG in early June if there is no strong
    opposition.

WAY FORWARD FOR

draft-dfranke-ntp-data-minimization-02

-   Karen: There have been no objections to adopt this draft. It will be
    approved as a WG document
-   Daniel will submit a new version of the draft. It will contain a
    change regarding the precision field which was requested by Harlan.
-   Sharon points out that with regard to data minimization it makes
    sense to also minimize the information leak in the refid field.
    Together with Harlan she is working on this subject, e.g. in the
    not-you draft. Should this work go into this draft also?
-   Daniel points out that his data minimization draft pertain only to
    client and not server packets. He assumes that his draft and the
    not-you draft are orthogonal.
-   Sharon points out that an adversary can easily request information
    from a server that can be utilized for an attack. Data minimization
    should minimize this also for the server packets. Why mode 1 and
    mode 2 packets are not addressed by the draft?
-   Daniel: The goals of this draft are to solve the unlinkability issue
    with NTP and strengthened the unpredictability of the origin
    timestamp.
-   Sharon: NTP is a hierarchical protocol. Clients may also be server.
    Therefore, data minimization should consider client and server
    packets also.
-   Daniel will submit the new version of his draft and will wait for
    further comments about what should go into it.
-   Harlan expresses that it is fine to allow this draft to be applied
    in WAN environments but it should not be required to be applied in
    LAN environments. As Daniel points out, this draft requires only
    that a server must not reject packets which comply with this
    document. There are no additional hard requirments.
-   Karen: The time line for this document is about one month to do an
    initial review before a WGLC is issued. Next steps will be discussed
    during the Prag meeting.

Summary

-   Adopted as a WG document, Daniel will publish as a wg document
-   Working group will have about a month to review, if no major issues
    identified will proceed to WGLC in early July.

WAY FORWARD FOR

draft-ietf-ntp-mac-00

-   Aanchal reports that there were no comments or objections to this
    draft. Consequently, there are no changes. She recommend to issue a
    WGLC for it.
-   Karen: This is a short and straight forward draft. She would like to
    issue a WGLC. Any objections should be placed before 31th May.
-   No opposition.
-   Short discussion about agility of applied algorithms between Danny,
    Harlan and Karen.
-   Daniel: no objections for WGLC. He will place an feedback during
    WGLC.

Summary

-   Document is stds track updating RFC 5905
-   WG has until 31 May to indicate that the document is NOT ready for
    working group last call (WGLC)
-   If no strong opposition, document will go to WGLC in early June

WAY FORWARD FOR DRAFTS RELATED TO EXTENSION FIELDS AND REFID STUFF

draft-ietf-ntp-refid-updates
draft-stenn-ntp-suggest-refid
draft-stenn-ntp-i-do

-   Karen: There has been a lot of discussion which of the drafts should
    go on and which should be combined.
-   Danny suggest only to publish one refid draft only.
-   Harlan opposes. He already combined different refid drafts.
-   The refid-update draft is moving forward although it is currently
    expired (Sharon is working on this draft)
-   Sharon regards the not-you-refid draft as very important especially
    in the context of data minimization and unlinkability (it will be
    re-submitted by Harlan and Sharon)
-   Karen asks Harlan to submit a roadmap for the extension field and
    refid drafts to the WG, so that the WG knows what is currently on
    the agenda.
-   Tal supports Karen's suggestion to separate new features from RFC
    7822bis. In case we decide to do a RFC 7822bis he proposes to use
    'pseudo code' to clarify the changes.
-   Karen supports Tal's suggestion.
-   Harlan opens the discussion of having a single documents for each
    extension field or one document for all extension fields.
    -   Daniel opposes to both extremes. He suggest to combine logically
        related extension fields into a single document. Like for
        example NTS.
    -   Karen points at that set of extension fields may be publish as
        single RFCs and over time these RFCs can be rolled into a master
        documents.
    -   Daniel suggest that such an consolidation should be done with a
        new NTP version.
    -   At this point Karen interrupts this discussion. The rules of the
        consolidations can be defined later.
-   Karen reiterates that documents should be re-submitted for the
    meeting in Prag.

Summary

-   Harlan/Sharon will republish
    https://datatracker.ietf.org/doc/draft-ietf-ntp-refid-updates/
-   Harlan will provide a summary/roadmap for the remaining expired
    drafts (near term plan)
-   Harlan/Danny will insure that
    https://datatracker.ietf.org/doc/draft-mayer-ntp-mac-extension-field/
    is covered somewhere

OVERVIEW/SUMMARY/NEXT STEPS FOR THE YANG MODEL

draft-wu-ntp-ntp-cfg

-   Ankit presents changes in the YANG data model between version 2 and
    3 of the draft. The changes are (details see presentation:
    https://www.ietf.org/proceedings/interim-2017-ntp-01/slides/slides-interim-2017-ntp-01-sessa-a-yang-data-model-for-ntp-00.pdf)
    -   Yang tree rearranged as per
    -   NTP Interface
    -   Use of presence
    -   Yang Data-type correction
    -   Removed autokey
-   No changs to the peer mode.
-   Ankit asks for WG adoption and more review comments
-   Danny points out a problem with the Yang date and time format of
    timestamps. NTP timestamps are 64 bit decimal. They are data no
    timestamps.
    -   Tal supports the usage of decimal. Date and time does not make
        sense in this case.
    -   Dhruv suggest to use both date and time and probably decimal.
        From the management point of view it would be helpful to have
        also data and time. They will clarify this.
-   The Yang Model must be adjusted if new extension fields are
    published.
-   Harlan ask for the concept of authorization. YANG and Netconf have a
    security concept for authorization, which is not yet adopted. This
    can and should be done in future versions.
-   No opposition to adopt this as a WG document.

Summary

-   Karen will issue a WG call for adoption of the draft

AOB

-   Danny: will revises the mac-extension-field draft. Harlan indicates
    that this is already incorporated by Harlan in one of his drafts.
-   Denis: TICTOC staff: What is the status of the Enterprise profile?
    -   Karen: the plan is to publish the draft. She will remind Doug to
        proceed with it.
-   Kyle: ask for the purpose of the draft-ietf-ntp-mac draft because
    there is not much normative language. It should be more descriptive.
    It also needs test vectors.
    -   Aanachal makes clear that the main purpose of this draft is do
        deprecate the MD5 legacy MAC. To use it for NTP packets it needs
        more descriptive language.
    -   The draft 'draft-ietf-ntp-mac' will be a standard track update
        to RFC 5905.