[ntpwg] Antw: NTPv5 suggestions

todd glassey tglassey at earthlink.net
Mon Jan 23 20:12:37 UTC 2012 

On 1/23/2012 7:11 AM, Warner Losh wrote:
> 
> On Jan 23, 2012, at 1:34 AM, Ulrich Windl wrote:
>> if NTP ist using UTC as time "format", why have a timezone? I don't get it.
> 
> Not so much timezone, but it would be useful for distinguishing when people are running "GPS" time servers, or TAI servers, or the new putative "TI" time that might happen if leap seconds are ever abolished.  Some crazy people are talking about running their servers on UT time.  A token would allow dissimilar servers to not accidentally freak when they communicate.
> 
> Warner

True - so the issue becomes how the policies of the time practice are
implemented. If there are policies like "We only want to take time from
TI type systems" then these would need some way of being integrated with
existing system models.

Also, there are other tools setting up time servers, and they (NEA and
DHCP) both need to be able to deal with those issues.

As I have said to several off you offlist - we are building a new
version of NTP which is totally policy-control centric with the wondrous
(and YES DAMNIT I MEAN THAT) time transfer practice and timely interrupt
processing models that NTP is based on. We call it Secure Time Protocol
or sec*tp for short.

SEC*TP takes NTP and breaks the auth token and policy controls out from
the daemon itself and places them into a proxy layer which handles them
and then passes the data into a NTP port type model.

Functionally our model does away with Autokey by creating a OOB
proxy/controller node which sets up the time-setting and time-tracking
event.

The structure of the NTP service is rock-solid because the event
certifying tokens are delivered to both the client and the intended
server(s) through an OOB SSL Tunnel based interface.  This is used to
setup a OTPW and ON-DEMAND TOKEN based time service model which is
really going to be hard to do anything nasty too.

Additionally the service works independently between PTP and NTP
transports and can create the proper tokens therein.

YES WE WILL RELEASE IT ONCE ITS DONE, but we filed for a patent on this,
and if the group wants to see this IP we are willing to disclose it here.

Todd

> 
>> Regards,
>> Ulrich
>>
>>>>> todd glassey <tglassey at earthlink.net> schrieb am 22.01.2012 um 20:49 in
>> Nachricht <4F1C683D.4010307 at earthlink.net>:
>>> Because of all of the pain on which timescale should be used, NTP should
>>> also allow the transmission of a TZ Token identifier of some form in the
>>> packet.
>>>
>>> This is for forensic use more than anything but would be valuable in a
>>> number of audit models for NTP.
>>>
>>> It also makes sense that it should be able to message the client app
>>> about what issues it needs to do to the time to make it proper for the
>>> client's location. Those issues are outside of traditional
>>> synchronization models but should be considered too herein.
>>>
>>> todd
>>
>>
>>
>>
>>
>> _______________________________________________
>> ntpwg mailing list
>> ntpwg at lists.ntp.org
>> http://lists.ntp.org/listinfo/ntpwg
>>
>>
> 
> 


-- 
Todd S. Glassey
This is from my personal email account and any materials from this
account come with personal disclaimers.

Further I OPT OUT of any and all commercial emailings.

More information about the ntpwg mailing list