[ntp:questions] Windows Time with NTPv4

David L. Mills mills at udel.edu
Wed Mar 12 14:23:24 UTC 2008


Martin,

Thanks for the link. What astonishes me is that, while Microsoft clearly 
understands the issue, they refuse to change the default. I cling to my 
conclusion this is a purposeful attempt to enhance product differentiation.

The workaround is clearly dangerous for the general application and can 
lead to serious misconceptions with respect to the stated model defined 
in the specification. Symmetric modes are designed to provide push-pull 
synchronization with cryptographically secure configurations. When such 
is not the intent, client/server mode is specified.

The workaround should be under control of a build define, normally 
disabled, and with a note in the code pointing to the KB article.

Dave

Martin Burnicki wrote:

> Dave,
> 
> David L. Mills wrote:
> 
>>Martin,
>>
>>Thanks for the reminder. In the six years hence the code has gone
>>through a number of securiy audits and defensive adjustments, one or
>>more of which might have plugged the hole. The code at time.nist.gov is
>>4.1.1b, which must be before 4.1.1c, dated 10 June 2003, and has the
>>hole plugged, so the hole got plugged before that.
> 
> 
> Hm, a search in the bitkeeper changelogs yields:
> 
> 2002-08-04 (6 years) stenn 1.892
> Attempt to compensate for Microsoft's protocol violations.
> From: Dave Mills.
> 
> However, the most recent entry in the Changelog file from the v4.1.1b
> tarball is:
> 
> ChangeSet at 1.786, 2002-02-26 22:44:34-05:00, stenn at whimsy.udel.edu
>   ntp-4.1.1
>   TAG: NTP_4_1_1
> 
> Yes, the changlog still had a date stamp those days, and this one seems to
> indicate that 4.1.1b has been release *before* the workaround for MS had
> been introduced.
> 
> Anyway, those days the 4.1.1 versions were from the -stable branch whereas
> the ntp-dev versions were 4.1.7x.
> 
> Since the workaround was added to ntp-dev it appeared (at least in the
> changelog file) in the v4.1.73 tarball, which was released 2003-01-22.
> So that workaround for w32time clients has never been in v4.1.1x versions,
> however, it is in v4.2.0.
> 
> Looking through the changesets reveals that the workaround was modified and
> finally removed in March/April 2005.
> 
> 
>>There is talk about the code being audited by someone other than me, in
>>which case the hole might get plugged again.
> 
> 
> Maybe a comment in the code saying *why* this specific handling has been
> added would prevent it from being removed. 
> 
> 
>>Does the Meinberg workaround appear in Microsoft KB?
> 
> 
> We've been searching for the reason of this problem with one of our
> customers, and the first hint was in this news article at
> microsoft.public.windows.server.migration:
> http://groups.google.com/groups?selm=qREQ%248lrDHA.2308%40cpmsftngxa06.phx.gbl
> 
> This was forwarded to the German MS support who had been unable to help our
> customer earlier. So finally a KB article was written on this topic. The KB
> article was first used by MS internally only and then published, AFAIR in
> 2004:
> http://support.microsoft.com/?scid=kb;en;875424
> 
> Martin




More information about the questions mailing list