[ntpwg] [ntp:hackers] Handling authentication extensions (was MS-SNTP)
David L. Mills
mills at udel.edu
Mon Apr 7 02:28:50 UTC 2008
Danny,
The version suggestion is a red herring. See my proposed Section wording.
Dave
Danny Mayer wrote:
> David L. Mills wrote:
>
>> Danny,
>>
>> I'm baffled by your comments. The current NTPv4 spec says nothing
>> about Autokey and makes no interpretation about the type field. The
>> parser can and does step through the extension fields without knowing
>> anything about the contents in order to find the MAC. The MAC can't
>> be in an extension field without violating backwards compatibility
>> with symmetric-key NTPv3 and NTPv4.
>>
>> The current extension field design evolved from 1996 and was first
>> formally proposed in 2000. It has been through two Autokey versions,
>> both with the same extension field format. The point being that it is
>> a little late to change it. The further point being that, without
>> breaking backwards compatibility, it is easy to add new tenants of
>> the extension fields. Break the version field into class/version
>> nibbles. This requires no change to the existing Autokey
>> implementation, as it ignores other than class 0, version 2.
>>
>> Dave
>
>
> No, versioning does not belong in that field. It belongs in the
> extension itself. If need be we can take a bit in the extension field
> (or reduce the length field by one bit) to accommodate a way to signal
> the type of extension, 0 for current behavior and 1 for new behavior.
> We are unlikely to use 32535 bytes for this information anyway so we
> don't really lose anything by doing this.
>
> Danny
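
The length-only walk described in the quoted message (stepping through extension fields without interpreting their contents to reach the MAC), as an added example that is not part of the original messages or the NTP reference code. It assumes the NTPv4 layout (48-byte header, fields carrying a 16-bit type and a 16-bit total length, trailing MAC of a 4-byte key ID plus a 16- or 20-byte digest); `split_packet`, `sample_packet` and all sample values are hypothetical.

```python
import struct

NTP_HEADER_LEN = 48  # fixed NTP header
MAX_MAC_LEN = 24     # assumption: 4-byte key ID + at most a 20-byte digest


def split_packet(pkt: bytes):
    """Walk extension fields by length only; return (fields, key_id, digest)."""
    if len(pkt) < NTP_HEADER_LEN or len(pkt) % 4:
        raise ValueError("short or unaligned packet")
    pos, fields = NTP_HEADER_LEN, []
    # A tail longer than the largest MAC must begin with an extension field.
    # A final field of 24 bytes or fewer would be mistaken for a MAC, so this
    # rule only works while every field is longer than that.
    while len(pkt) - pos > MAX_MAC_LEN:
        ftype, flen = struct.unpack_from("!HH", pkt, pos)
        # The length covers the 4-byte field header plus padding. Reject values
        # that would stall the walk, misalign it, or run past the packet.
        if flen < 4 or flen % 4 or pos + flen > len(pkt):
            raise ValueError(f"bad extension length {flen} at offset {pos}")
        fields.append((ftype, pkt[pos + 4:pos + flen]))  # type stays opaque
        pos += flen
    mac = pkt[pos:]
    if mac and len(mac) not in (4, 20, 24):  # key ID only, or ID + digest
        raise ValueError(f"unexpected MAC length {len(mac)}")
    key_id = struct.unpack_from("!I", mac)[0] if mac else None
    return fields, key_id, mac[4:]


def sample_packet(first_len: int = 32) -> bytes:
    """Constructed packet: header, two extension fields, 20-byte MAC."""
    header = bytes(NTP_HEADER_LEN)
    ext1 = struct.pack("!HH", 0x0203, first_len) + b"A" * 28
    ext2 = struct.pack("!HH", 0x8001, 28) + b"B" * 24  # type unknown to us
    mac = struct.pack("!I", 7) + bytes(range(16))
    return header + ext1 + ext2 + mac


if __name__ == "__main__":
    fields, key_id, digest = split_packet(sample_packet())
    print([(hex(t), len(v)) for t, v in fields], key_id, digest.hex())
    try:
        split_packet(sample_packet(first_len=0))  # zero length must not loop
    except ValueError as exc:
        print("rejected:", exc)
```
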