Minutes interim-2019-ntp-02: Wed 15:30
minutes-interim-2019-ntp-02-201905291530-00
| Meeting Minutes | Network Time Protocols (ntp) WG | |
|---|---|---|
| Date and time | 2019-05-29 15:30 | |
| Title | Minutes interim-2019-ntp-02: Wed 15:30 | |
| State | Active | |
| Other versions | plain text | |
| Last updated | 2019-07-25 |
minutes-interim-2019-ntp-02-201905291530-00
NTP WG INTERIM MEETING, 2019-05-29
==================================
Participants
------------
Karen O'Donoghue, Dieter Sibold, Thomas Peterson, Tal Mizrahi, Danny Mayer,
Denis Reilly, Harlan Stenn, Miroslav Lichvar, Kristof Teichel, F. Gont, Watson
Ladd
1. Administrative and Agenda Bashing
- No agenda bashing
- No objection to record the meeting
- Tal: Slides are not online yet
2. TICTOC quick document status
- YANG data model is published as RFC 8575
- IEEE 1588 Enterprise Profile is submitted to the IESG.
- After publication of the Enterprise Profile the TICTOC WG will be
closed
3. NTP quick document status
- BCP is in Editor Queue
- MAC draft is in Auth 48
- Shepard writeup for the drafts NTS for NTP und Guidelines for
Defining Packet
Timestamps are in preparation
- Draft YANG Data Model for NTP in Yang Doctor review
4. Discussion on documents (working group and individual) that have been
updated
- Interleave Mode
- Miroslav: updated a new version. Changes in request of the
last meeting.
Two paragraphs have been changes. Ready to be advanced. No
questions.
- Summary: this draft is going to the IESG
- Roughtime
- nobody of the authors are online
- Correction field and Short Extension field
- Miroslav: No changes to both documents
- Summary (Karen): will leave it on the list and looking for
the progress of the
various extension field draft
- Port Randomization
Discussion:
- F Gont: The usage of port 123 of NTP traffic is not necessary.
Various research has found that the usage of predictable port
number is problematic and should be avoided.
- F Gont: This I-D will make NTP compliant to BCP 156.
- Danny: Presumably this draft improves security. It does not
improve
security
- F Gont: An attacker has to guess what port is in use.
Randomization will make
this more difficult
- Danny: does not accept the arguments
- Karen: any other comments
- Gont: this is the same discussion as with other protocols
years ago - Gont: the problem applies to to all transport
protocols - Karen further comments? - Miroslav: this is useful
and should be adopted - Karen: any other question - Kristof:
should be adopted to be discussed - F Gont: most NTP
implementation already randomize the port number. - Danny:
Problem with a NTP instance that is a client and a server. What
do you
gain?
- Harlan: the client can already use other port number
- F Gont: It is not good practice to leave this decision to the
implementation - Danny: there are not only four variable that
identify an association but five - F Gont: This is ture of the
application layer. I speak about the transport
layer. This draft improves security on the transport layer
- Watson: we had issues because of the fixed port number 123.
DDoS attacks - Karen (without the chair's hat): we need to have
better reasoning for adopting
this draft.
- F Gont: this draft follows the work of the transport area and
which is
formulated as a BCP. The Transport area should be involved.
- Karen: the argument that there is a BCP is very compelling.
We should seriously
consider to adopt it.
- Danny: just because there is a BCP it does not apply to any
protocol. - Karen: That true, but we need to consider the BCP
and have to formulate that
it does not apply to NTP.
- F Gont: you need to make a good argument that the BCP does
not apply for NTP - Summary (Karen): we need to consider the
BCP and have to decide later if we
adopt this draft.
- Roughtime
- Watson: Usage of MJD for leap second issues, some other
changes, ... - Karen: further question? - Discussion about the
need to consider delay attacks and bounded RTT in the
draft (Tal, Watson, Kristof)
- Summary (Karen): Please, think about this and discuss it on
the mailing list
5. AOB (Any Other Business?)