ntp.conf changes for NTS

Gary E. Miller gem at rellim.com
Thu Jan 31 20:39:25 UTC 2019


Yo Achim!

On Thu, 31 Jan 2019 21:16:25 +0100
Achim Gratz via devel <devel at ntpsec.org> wrote:

> Gary E. Miller via devel writes:
> >> I think you'd
> >> need to reconnect to the NTS-KE, but at least need to re-key the
> >> TLS session  
> >
> > Why?  To get new C2S and S2C?  
> 
> Yes.

The C2S and S2C already get reused millions of times, what's a few more
million?

> >> before asking for the next server in that scenario.  
> >
> > Which is the big issue.  How does an NTPD client connect to an
> > NTS-KE and ask for a "next server"?  The NTS-KE server has no
> > state, so it has no idea of next.  
> 
> The NTS-KE does have a state with the client, which is precisely the
> state associated with the TLS connection, which is also the base for
> deriving the S2C and C2S keys.

But, as you said, the TLS "has" to be renegotiated, so that state is lost
for the next request.

> > The NTPD client has no way to tell the NTS-KE server what
> > servers it already has cookies for.  
> 
> ...if the method of asking the NTS-KE a second time is to close the
> current and then open a new session.  That's why I'm thinking it would
> be useful to keep the connection and just rekey it so the NTS-KE
> doesn't give out the same server again.

Which would be a big change to the Proposed RFC, so an interoperability
issue.  No current way to ask for "not the same server".  No way to ask
how many are available.


> > I suspect it is better for the NTPD client to ask the NTS-KE server
> > for "X" number of NTPD servers, but the protocol has no way to do
> > that.  
> 
> I think that's one of the things to figure out before the RFC goes to
> vote.

The Proposed RFC gets locked down long before any vote.  It may already be
too late.

> > Next virtual meeting of the NTP WG is Feb 12.  Maybe we should get
> > some of these issues on their agenda?  
> 
> Who is going to participate?

Daniel Franke is usually our guy.  Dunno if he is following this discussion,
so we should give him an issue document.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can’t measure it, you can’t improve it." - Lord Kelvin
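The thread turns on what an NTS-KE client can and cannot say on the wire: it can negotiate a next protocol and an AEAD, and it receives a server name and cookies, but there is no record type for "give me N servers" or "not the one I already have cookies for". The following is an added example, written for this page and not code from Gary, Achim or the NTPsec project. It frames an NTS-KE request and a constructed response using the record layout and type numbers of RFC 8915 (assumed to match the draft under discussion at the time; the server name `ntp1.example.org` and the cookie bytes are constructed), so a reader can see that the only knob the client has is which records it sends, and that "next server" is not among them.

```python
import struct

# NTS-KE record types (RFC 8915, Section 4; assumed identical in the 2019 draft).
END_OF_MESSAGE = 0
NEXT_PROTOCOL = 1
ERROR = 2
WARNING = 3
AEAD_ALGORITHM = 4
NEW_COOKIE = 5
NTPV4_SERVER = 6
NTPV4_PORT = 7

NEXT_PROTO_NTPV4 = 0          # Next Protocol ID for NTPv4
AEAD_AES_SIV_CMAC_256 = 15    # AEAD algorithm ID


def encode_record(rtype, body, critical=False):
    """One record: 1-bit Critical flag, 15-bit type, 16-bit body length, body."""
    if rtype > 0x7FFF or len(body) > 0xFFFF:
        raise ValueError("record field out of range")
    word = (0x8000 if critical else 0) | rtype
    return struct.pack("!HH", word, len(body)) + body


def decode_records(buf):
    """Parse records until End of Message; return a list of (critical, type, body)."""
    records = []
    off = 0
    while off + 4 <= len(buf):
        word, length = struct.unpack_from("!HH", buf, off)
        off += 4
        body = buf[off:off + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        off += length
        critical, rtype = bool(word & 0x8000), word & 0x7FFF
        records.append((critical, rtype, body))
        if rtype == END_OF_MESSAGE:
            return records
    raise ValueError("missing End of Message")


def client_request():
    """Everything a client can ask for: a next protocol and an AEAD.
    There is no record to request N servers or to exclude servers it already holds cookies for."""
    return (encode_record(NEXT_PROTOCOL, struct.pack("!H", NEXT_PROTO_NTPV4), critical=True)
            + encode_record(AEAD_ALGORITHM, struct.pack("!H", AEAD_AES_SIV_CMAC_256), critical=True)
            + encode_record(END_OF_MESSAGE, b"", critical=True))


def server_response(server_name, cookies):
    """Constructed NTS-KE reply: echo the negotiation, name one NTP server, hand out cookies."""
    out = encode_record(NEXT_PROTOCOL, struct.pack("!H", NEXT_PROTO_NTPV4), critical=True)
    out += encode_record(AEAD_ALGORITHM, struct.pack("!H", AEAD_AES_SIV_CMAC_256), critical=True)
    out += encode_record(NTPV4_SERVER, server_name.encode("ascii"), critical=True)
    for cookie in cookies:
        out += encode_record(NEW_COOKIE, cookie)
    out += encode_record(END_OF_MESSAGE, b"", critical=True)
    return out


def parse_response(buf):
    """Client view of the reply: which server(s) were named and how many cookies arrived.
    Unknown critical records are fatal; unknown non-critical ones are ignored."""
    servers, cookies = [], []
    known = (NEXT_PROTOCOL, AEAD_ALGORITHM, NTPV4_PORT, END_OF_MESSAGE)
    for critical, rtype, body in decode_records(buf):
        if rtype == NTPV4_SERVER:
            servers.append(body.decode("ascii"))
        elif rtype == NEW_COOKIE:
            cookies.append(body)
        elif rtype == ERROR:
            raise ValueError("NTS-KE error code %d" % struct.unpack("!H", body)[0])
        elif critical and rtype not in known:
            raise ValueError("unrecognized critical record type %d" % rtype)
    return {"servers": servers, "cookies": cookies}


def demo():
    # Constructed cookies: they are opaque to the client, so any 32-byte values serve here.
    cookies = [bytes([i]) * 32 for i in range(8)]
    return parse_response(server_response("ntp1.example.org", cookies))
```

Running `demo()` yields one server name and eight cookies; a client that wants a different server has nothing to put in `client_request()` to say so, which is the interoperability gap the message describes.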