[ntp:questions] Re: Reach error codes

David L. Mills mills at udel.edu
Thu Jan 26 18:10:42 UTC 2006


Danny,

For background see the PTTI paper by folks at NIST, USNO, UWisc and 
myself about ill-behaved NTP clients at 
http://www.eecis.udel.edu/~mills/database/papers/ptti/ptti04a.pdf. I 
suspect you already know about those incidents. The rfc4330 is the 
result of the ID I cited which gives very explicit behavior expectations 
of any NTP client. The RFC I downloaded from the IETF list is at 
http://www.eecis.udel.edu/~mills/database/rfc/rfc4330.txt. However, that 
RFC is no longer on the IETF ist for whatever reason.

I have for a long time not been in favor of distributing an SNTP version 
in the same package as NTP. That and perhaps other items in the current 
distribution should be packaged separately. I say this because those who 
want only SNTP should be able to download a specific package without all 
the cruft of the entire distribution. Doing that also provides 
responsiblity separation and plausible deniability should the SNTP 
client do something evil.

Having said that, and in view of the stir the original NIST, USNO and 
UWisc incidents and the RFC, there should be a definitive statement of 
compliance in any SNTP distribution leaving here. Having accomplished 
that, the next step is to beat on the manufacturers like Symmetricom, et 
al, to swear compliance. I think you see where this is going and the 
importance of the mission.

Dave

Danny Mayer wrote:
> David L. Mills wrote:
> 
>>Harlan,
>>
>>I asked the question some time ago whether you or another author
>>stipulated that the SNTP client does or does not comply with the
>>proposed ID update of rfc2030, which has apparently become rfc4330. I
>>say apparently, because I saw and downloaded it a few jiffies ago, but
>>it is not in the RFC list now. In any case, I did not get an answer.
>>
>>Dave
> 
> Dave,
> 
> Is this in the reference implementation? I'd have to look at the RFC to
> understand what you mean about the proposed ID update RFC2030.
> 
> Danny
> _______________________________________________
> questions mailing list
> questions at lists.ntp.isc.org
> https://lists.ntp.isc.org/mailman/listinfo/questions
> 




More information about the questions mailing list