Joint TICTOC/NTP WG meeting

TICTOC WG Status (Yaakov)
3 drafts in progress
mpls draft to be divided - control protocols to go to other working groups
MIB - 03 uploaded after blackout, believed to resolve everything
individual submissions: 2 current, 4 expired
is there anything we want to do with these documents?
is IPSec mandatory? no Webex meetings since IETF83

ITU-T Q13/15 Update (Yaakov)
Meeting in Finland June 2012
Next meeting Sept 2012
No one who attended June meeting was present
Yaakov reviewed Stefano’s presentation

1588 over MPLS (Shahram Davari)
Yaakov: Isn’t boundary clock for LER different than ITU approach?
Shahram: Transparent clocks at LER and LSR supported
Plan to publish 03 after meeting, limited to data plane only
Other aspects move to more appropriate workgroups
AD requests that it is more generic - support NTP and other sync protocols
Yaakov: How do we indicate what is encapsulated?
Shahram: There will be a shim to indicate the type.
Yaakov: We need an index to all these drafts. Please include an index in the appendix to the main document.
Questions for the group:
* Should control word be mandatory for PW? Requiring it makes things simpler
  KG: Why not make it mandatory?
  Shahram: Some routers don't support it.
  Yaakov (as individual): Being required for PWE so OK to make mandatory
* Must not use entropy level?
* Allow PHP?
  Yaakov: mainly for MPLS-TP, so probably OK.
* How to transport 1588 packets that don't require TC update? (separate LSP? Let LSRs parse?)
  Yaakov: I am in favor of letting LSR make the decision.
* Support p2mp LSPs? Useful for sync messages.
  Yaakov: ITU is not using it.
* Should protection be supported? FRR? 1:1, 1+1?
  Yaakov: any protection mechanism is a bad idea for timing flows.
* Allow only VCCV types 1 and 4?
Chairs: Please send the questions to the list. Need answers to above questions prior to respin.
Version 03 will be small because all signaling will be removed.
Karen: Do we need to finish all before releasing others?
Shahram: Others will depend on the first document. The first will not hang on the others.

1588 MIB
Technically completed for a year but still being revised
03 uploaded today with minor changes from 02:
* added new transport type options
* 03 responds to new comments and fixes an error introduced in 02
2 MIB doctors have reviewed
Al Morton: more likely to get MIB reviewed if you can demonstrate it compiles
Karen: there are multiple compilers, and it compiles on some but not all.
Brian Haberman: At the IESG breakfast there was a discussion about MIBs. Will send the URL of the reference compiler to use.
Karen asked authors to compile with the MIB recommended compiler. If there are no issues we will LC it.

Security requirements (Tal Mizrahi)
working group adopted in November 2011
02 version:
* addressed comments
* added threat model
* added additional security implications (informational)
Need more comments on drafts
Asks to proceed to WG LC
Greg Dowd: definition of proventication (chain of trust) how do we clarify this requirement? current definition in autokey can't be proven.
Yaakov: injector vs. MiM.
Tal: injector can't remove packets
03 draft to be released next month
Karen asked Tal to start discussion on proventication. Ask for final comments. Incorporate Stefano's comments. The goal is to get this wrapped up prior to IETF85.
Karen: what to do next? Need to revisit drafts waiting on security requirements

Autokey (Dieter Sibold)
At last IETF presented study of present autokey authentication, conclusion was that a more secure specification is needed.
Design paper to be presented at IETF85
Reviewed major differences
Suggest using PKI infrastructure (widely accepted)
explained pros and cons
Open issues –
* how to implement proventication?
* are alternatives to certificates useful?
Greg: public keys are huge. Suggests using a hash to keep size reasonable.
Greg: how could pools of servers implement?
Dieter: pools were not considered
Yaakov: public key cryptography issue.
Danny (via jabber): would SHA-256 digest work?
Greg: any hash could be used - SHA-256 should work.
Greg: do you plan to do a security analysis of number of bits of randomness?
Greg: what's the impact on the network: bandwidth, backwards compatibility?
Karen: there has been only very limited use of autokey to date.
Dieter: 00 draft is still in very early stage. We have set up a small design team working on this (looking for more volunteers). Want to update both specification and implementation. Would like to bring some security area expertise into this. We will be putting out a call to NTP WG to accept as milestone.
Danny: current autokey RFC is informational. new version is to be standards track doc.

NTP Control message draft update (Karen)
This is an appendix of RFC1305 that didn't get into 5905
Updated, but not uploaded on time
All current comments have been addressed.
We will ask for any last comments, and then NTP WG LC.

Other NTP (Karen)
Need an editor for NTP extension for interleave

Joint TICTOC/NTP WG meeting adjourned at 14:15