NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.
ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.
Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.
NTP Working Group
Wednesday, March 9 at 1300-1500
Minutes taken by Dave Marlow.
Intro/Agenda Bashing, Brian Haberman
The agenda was accepted as presented.
NTP WG Status and Charter, Karen O'Donoghue
The NTP WG is now an official working group (IESG notice 2/25/05)
Authors were identified for all four pre-defined documents:
- NTPv4 Scope and Requirements - Dave Plonka
- NTPv4 Protocol Specification - Jim Martin and Jack Burbank
- NTP Architecture and Algorithms Spec - Harlan Stenn, Bill Kasch
- NTPv4 MIB - Tim Plunkett
In addition another topic was identified from the mail list:
- NTPv4 DHCP Option - Rob Nagy has agreed to be the author if a document is required.
First priority is to get NTPv4 out. IPv6 and Security are part of this core goal.
NTPv4 Scope and Requirements, Dave Plonka
Dave is dividing the requirements between protocol and algorithms which is the same way that the WG has divided up the work. It was agreed that while the WG is standardizing existing practice, the requirements would attempt to gather additional requirements in order to document potential future efforts. Dave identified communities for gathering requirements which included the NTP community, and potentially NTP funding Organizations and in the case of the protocol requirements would also come from the STIME community and ISPs. Requirements are expected to include applications, configuration (e.g. key distribution), system performance, security, IPV6, robustness, and longevity/persistence.
At the conclusion of the discussion, someone brought up that there are legal (and other) reasons to identify the source of the time that is being distributed. It was recommended that people from the time source community be sought. The PKIX TSP, which time stamps for non-reputitation was identified in particular. Brian pointed out that that the major focuses for the WG have already identified for this WG.
NTPv4 Protocol Specification, Karen O'Donoghue
The authors have just been identified and thus there was no presentation on this topic. One draft which is progressing quickly was pointed out - draft-mills-sntp-v4.
Discussion and Wrap-up, Karen O'Donoghue
Karen mentioned that the address for the mail list that is in the WG Charter works now but may not in the future, everyone was asked to use firstname.lastname@example.org