Skip to main content

Last Call Review of draft-ietf-ntp-port-randomization-06
review-ietf-ntp-port-randomization-06-secdir-lc-turner-2021-03-21-00

Request Review of draft-ietf-ntp-port-randomization
Requested revision No specific revision (document currently at 08)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2021-02-25
Requested 2021-02-11
Authors Fernando Gont , Guillermo Gont , Miroslav Lichvar
I-D last updated 2021-03-21
Completed reviews Tsvart Last Call review of -06 by Brian Trammell (diff)
Secdir Last Call review of -06 by Sean Turner (diff)
Genart Last Call review of -06 by Meral Shirazipour (diff)
Assignment Reviewer Sean Turner
State Completed
Request Last Call review on draft-ietf-ntp-port-randomization by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/fdE_YREU1pBsUThWenUXKL2eCfg
Reviewed revision 06 (document currently at 08)
Result Ready
Completed 2021-03-21
review-ietf-ntp-port-randomization-06-secdir-lc-turner-2021-03-21-00
Hi! I am doing this review as part of the Security Directorate.

This I-D updates NTP v4 [RFC 5095] to recommend the use of transport-protocol
ephemeral port randomization for those modes where use of the NTP well-known
port is not required. The port randomization recommendation is based on BCP 156
[RFC6056], which recommends the randomization of transport-protocol ephemeral
ports. This I-D is in fact co-authored by one of the co-authors of BCP 156. The
I-D motivates the recommendation and enumerates some considerations as they
relate to NTP as well as identifies the exact changes (i.e., two-sentence
dstport replaced with more text). It also appears that this I-D is well
implemented as noted in the implementation status section.