From owner-freebsd-current@FreeBSD.ORG Mon Feb 24 15:34:12 2014
Message-ID: <530B666A.1000800@rewt.org.uk>
Date: Mon, 24 Feb 2014 15:34:02 +0000
From: Joe Holden
To: freebsd-current@freebsd.org
Subject: Re: ntpd replacement (Was: Re: Import of DragonFly Mail Agent)
References: <20140223211155.GS1699@ithaqua.etoilebsd.net> <530B13CA.6000005@rewt.org.uk> <33612.1393235765@critter.freebsd.dk> <20140224100036.GA1699@ithaqua.etoilebsd.net> <530B2500.5030608@rewt.org.uk> <37319.1393239415@critter.freebsd.dk> <530B2750.3050200@rewt.org.uk> <20140224110842.GA83610@ithaqua.etoilebsd.net> <530B2953.3030901@rewt.org.uk> <20140224111745.GA13864@roberto-aw.eurocontrol.fr> <530B2C7E.3050208@rewt.org.uk> <530B2DEE.3030808@rewt.org.uk> <45248.1393249947@critter.freebsd.dk>
In-Reply-To: <45248.1393249947@critter.freebsd.dk>

On 24/02/2014 13:52, Poul-Henning Kamp wrote:
> In message <530B2DEE.3030808@rewt.org.uk>, Joe Holden writes:
>
>> The other point I should make here is that if you care that much about
>> time security you shouldn't be contacting ntp servers over third-party
>> networks anyway, at least not without some IP-level
>> encryption/authentication, or use a source that can't easily be used as
>> an attack surface, such as GPS/MSF etc.
>
> Please check how NTP is authenticated before giving bad advice,
> it's all in the RFC.
>
v3 or v4? It is an optional part of the spec in both cases and again isn't required for 99% of people using ntpd as a client, which was the entire point of this exercise in the first place.

If the argument is that X feature is missing then we may as well replace sendmail with exim as it has even more features, for example.

But most importantly, explain how it was bad advice? There are provisions for integrity checking (not authentication) and autokey. My point was that if you need to authenticate ntp to avoid MITM-style attacks then perhaps the setup you have is wrong.

If there is something huge I have missed then feel free to correct me!
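The "integrity checking" the reply refers to is the symmetric-key MAC of RFC 5905: a 32-bit key identifier followed by MD5(key || packet), appended to the 48-byte NTP header. The example below, added here and not part of the thread or of any ntpd code, builds a minimal NTPv4 client packet, appends that MAC, and verifies it on the receiving side, showing that an unauthenticated packet, an unknown key id, a wrong key, or a modified transmit timestamp all fail the check. The key id, the shared key and the timestamp are constructed values; Autokey is not covered.

```python
import hashlib
import hmac
import struct

# Constructed example key material (not from the original message).
KEY_ID = 1
KEY = b"example-shared-secret"

NTP_HEADER_LEN = 48          # fixed NTPv4 header, no extension fields
MAC_LEN = 4 + 16             # key id (32 bits) + MD5 digest (128 bits)
NTP_EPOCH_OFFSET = 2208988800  # seconds between 1900-01-01 and 1970-01-01


def build_ntp_request(tx_time: float) -> bytes:
    """Build a minimal NTPv4 client request (LI=0, VN=4, Mode=3).

    Only the transmit timestamp is populated; every other field is zero,
    which is what a basic SNTP client sends.
    """
    li_vn_mode = (0 << 6) | (4 << 3) | 3
    secs = int(tx_time) + NTP_EPOCH_OFFSET
    frac = int((tx_time - int(tx_time)) * (1 << 32))
    tx_timestamp = (secs << 32) | frac
    # LI/VN/Mode, stratum, poll, precision, root delay, root dispersion,
    # reference id, reference/origin/receive/transmit timestamps.
    return struct.pack("!BBbbII4sQQQQ", li_vn_mode, 0, 0, 0, 0, 0,
                       b"\x00" * 4, 0, 0, 0, tx_timestamp)


def ntp_mac(packet: bytes, key: bytes) -> bytes:
    """RFC 5905 symmetric-key digest: MD5 over the key followed by the packet."""
    return hashlib.md5(key + packet).digest()


def append_mac(packet: bytes, key_id: int, key: bytes) -> bytes:
    """Append the key id and digest that make the packet 'authenticated'."""
    return packet + struct.pack("!I", key_id) + ntp_mac(packet, key)


def verify_mac(message: bytes, keys: dict) -> bool:
    """Verify the trailing MAC of an NTP message against a key-id -> key table.

    Returns False when no MAC is present (the common unauthenticated case),
    when the key id is not trusted, or when the digest does not match.
    """
    if len(message) < NTP_HEADER_LEN + MAC_LEN:
        return False  # header only, or truncated: nothing to verify
    packet = message[:-MAC_LEN]
    key_id = struct.unpack("!I", message[-MAC_LEN:-16])[0]
    digest = message[-16:]
    key = keys.get(key_id)
    if key is None:
        return False  # unknown or untrusted key id
    expected = ntp_mac(packet, key)
    # Constant-time comparison so a verifier does not leak digest bytes by timing.
    return hmac.compare_digest(expected, digest)


if __name__ == "__main__":
    trusted_keys = {KEY_ID: KEY}
    plain = build_ntp_request(1393249947.5)        # constructed timestamp
    signed = append_mac(plain, KEY_ID, KEY)
    # An on-path change to the transmit timestamp is caught by the digest.
    altered = signed[:40] + b"\x00" * 8 + signed[48:]
    print("unauthenticated packet accepted:", verify_mac(plain, trusted_keys))
    print("authenticated packet accepted:  ", verify_mac(signed, trusted_keys))
    print("altered packet accepted:        ", verify_mac(altered, trusted_keys))
```

Two things worth noting from the code: the MAC only covers integrity and origin (the holder of a shared key), not confidentiality, and a client that does not configure any key simply has nothing to verify, which is the unauthenticated default the reply describes.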