✘NTS and ALPN

Gary E. Miller gem at rellim.com
Tue Aug 20 19:29:07 UTC 2019 

Yo Achim!

On Tue, 20 Aug 2019 21:22:13 +0200
Achim Gratz via devel <devel at ntpsec.org> wrote:

> Gary E. Miller via devel writes:
> >>  Dan's patch removed
> >> collapsed the internal list to a single element that is already
> >> stripped of its length byte,  
> >
> > Yes.  That was intentional.  
> 
> As a hotpatch (and demonstration oof the issue) it's OK, as a longterm
> fix not.  All IMHO of course.  Btw, I'd expect a decent compiler to
> optimize the inner loop away as it's all based on static data.

So, not a problem?

> >> so it doesn't conform to the ALPN data
> >> structure description anymore.  
> >
> > Already discussed here.  Right or wrong, NTS was not compatible with
> > the other NTS implementations.  Dan's patch makes NTS compatible.  
> 
> As does mine.

Plus the extra stuff we are discussing that is currently not useful, as
noted by your code comments.

> > If all the other NTS are doing it wrong, then you need to take it up
> > with them.  
> 
> NTPsec was doing the wrong thing, and nobody but you insisted
> otherwise.

Uh, no.  I never insisted.  I have stated before, and now, that I have
NOT looked at the code OR the spec.  I am only going by what others have
told me.  I take no position on what is correct.

> >> Consequently it also omits any code
> >> to traverse the internal list, both of which will come back to bite
> >> you when you do need to support the second protocol.  
> >
> > Are there any plans for that?  I don't remember hearing any.  No
> > need for code to implement some vauge future possible change.  
> 
> Yes.  The currently supported protocol is "ntpsec/1", which is not yet
> frozen in fact.  That will change as soon as that RFC is accepted and
> then any changes or extensions will need to define a new protocol
> version.

Yes.  But then the old one must go away.  So no need for fancy code
that does nothing now, or then.

> >> The previous changes introduced by Hal also check for things that
> >> the API clearly state need not be checked (there is explicit
> >> guidance that the callback we implement can assume the syntactic
> >> structure of the input data is correct).  
> >
> > Hal had weeks to look at it.  Did he miss something?  
> 
> I'm not making any guesses about other folks' state of mind, just
> pointing out what I see in the code.

Well, either it interoperates, or it does not.  And it seems to
interoperate now.  So I'll leave it for now.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can't measure it, you can't improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190820/fc74ff3e/attachment.bin>

More information about the devel mailing list