[Last-Call] Intdir telechat review of draft-ietf-ntp-chronos-17

Reviewer: Tim Chown
Review result: Ready with Nits

Hi,

I have reviewed this document as part of the Internet Area directorate's
ongoing effort to review all IETF documents being processed by the IESG.  These
comments were written with the intent of improving the operational aspects of
the IETF drafts. Comments that are not addressed in last call may be included
in AD reviews during the IESG review.  Document editors and WG chairs should
treat these comments just like any other last call comments.

This document describes a tool named Khronos which can be run alongside NTPv4
to mitigate against time-shifting attacks. It achieves this by running less
frequent (than NTP) queries to a small random set of NTP servers (around
~10-15) drawn from a large pool (perhaps ~500), and comparing the resulting
time offsets to those of the system NTP clock.

The document is generally well-written, and for its heavier theoretical detail
refers to a paper published elsewhere by the authors.

I believe the document is close to being ready for publication (Ready with
Nits). I have only a small number of general comments and nits.

General comments:

The term man in the middle (MitM) is used a lot, and includes scenarios where
an attacker owns the NTP server being queried.  Personally, I’d not consider
that a MitM attack as I’d consider the “middle” the elements between the client
and server.  Maybe clarify your meaning.

Is there an assessment of the impact on the existing NTP pool if Khronos is
widely implemented?  It seems that there will be more queries overall, but
perhaps to a more scattered set of servers?

On the security side, does it matter that an observer may be able to detect
when Khronos is being used, by its use of ~500 NTP servers instead of the usual
small fixed number of servers?

Also, how ‘random’ is the selection of servers from the pool?  Might it be
predictable, and if so does that pose risks?

I suppose certain MitM vulnerabilities are more ‘sweeping’ than others, like a
bad actor controlling a major or exclusively used uplink, and thus rather
harder to even impossible to mitigate?  This is the worst case of the second
scenario in 4.3? (Which also seems to say >2/3 controlled, then just below 1/4
controlled?).

Nits:

The word ‘byzantine’ is used several times before it is explained, even with
forward references (except in the start of 4.1) to 4.3, and then in 4.3 I can't
find any use of the word. It would be nice to have it explained on first use.

In a few places the section referencing appears as Section Section.

A couple of Khoronos instances (extra ‘o’).

Best wishes,
Tim


-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



