Incompatible changes, security, and good practice

Gary E. Miller gem at rellim.com
Thu Oct 6 23:52:59 UTC 2016


Yo Daniel!

On Thu, 6 Oct 2016 19:31:45 -0400
Daniel Franke <dfoxfranke at gmail.com> wrote:

> On 10/6/16, Gary E. Miller <gem at rellim.com> wrote:
> > This is NOT an all or nothing decision.  There are other ways to
> > mitigate this problem that do not involve major silent breakage.  
> 
> You've argued this a few times, but you still haven't specified what
> you have in mind.

Well, actually, I have, many times, I just got tired of no active
engagement...

> I think you mentioned that you'd be happy with just changing "peer" to
> be a synonym for "server", which basically amounts to desupporting
> symmetric active mode and changing those systems to behave as ordinary
> clients.

Ah, so you were listening.  This change painlessly upgrades less
secure configuration to more secure configuration.  It breaks nothing.
Maybe it should be coupled with an INFO log for anyone paying
attention.

> I could make a similar change to the way symmetric passive mode works:
> when a host gets a symmetric active mode request, immediately reply
> with a symmetric passive response, but *don't* set up a new
> association. Basically, respond in the same way it would respond to a
> client-mode packet, just with the mode field in the response changed
> from 4 to 2.

I don't understand the protocol, but easy enough to test.

My goal would be to not break old clients, and if NTPsec can improve
their security then great.

> So, if you update the passive side, symmetric active peers keep
> working. The passive side will no longer sync to the active side, but
> the active side will keep syncing to the passive side. If you update
> the active side, it switches to just being a client of the passive
> side, and therefore continues syncing to it.

I can't say I understand all that, but I'd love to test it.

> This still ends up being a silent behavior change, because passive
> peers silently stop syncing to the active peers. But it achieves
> security, and breaks fewer things.

Easy to make it less silent, just add some logging.  Just like an EULA,
98% will ignore it, but the few clueful get the message and work
for positive change.

I expect too soon to know what it might break, but I'm game to try
anything less intrusive than the current solution.

I suspect there may be some fun issues with how this works with crypto,
but that way out of my knowledge space.  let's try it and see what
breaks.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20161006/74ba2369/attachment.bin>


More information about the devel mailing list