-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/04/2012 04:44 AM, Hal Murray wrote: > > > PTP is basically making the network transit times more accurate > than "symmetrical" by measuring them. Each box that processes a > packet updates the packet with the processing/queuing delays. > > I think the PTP geeks are working on crypto. I'm not tracking the > details. >
We're shifting slightly off topic here, apologies in advance. As far as I know PTP cannot calculate link asymmetry, even though it does indeed take delays in switches/routers into account if they are IEEE1588-aware by updating timestamps en route. IEEE1588-2008 can compensate for link asymmetry too, but have no way of calculating it. That is to say, something else has to give input telling PTP the characteristics of the link asymmetry. This is measurable in a static local network but is a hopeless task over Internet. I've seen some trials of using IPSec to protect PTP-traffic from tampering/manipulation, and I think there has been extensions tested similar to those used in NTP but I haven't seen those in IEEE1588. Using the approaches of NTP applied directly to PTP is hopeless with a IEEE1588-aware network though, all checksums will fail given that the path actively prods around in the packet like a true MITM (one can only hope these men in the middle are friendly:). I found a possibly good read on IETF tictoc re: security requirements for PTP and NTP for those who want to learn how deep the rabbit hole goes.[1] As Harlan Stenn pointed out in another part of the thread, we have to know what we're protecting ourselves against before we start to throw in counter-measures. // jwalck [1]: https://tools.ietf.org/html/draft-ietf-tictoc-security-requirements-03 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQvatYAAoJEFwg9i9GDX+ncQcP/A/ZWMKZAnWaapr1gfDMsLmd UuNLjrxw3uJSpvGTmBI3+W1C2bYl88laTZWQWPUFpW5R/PLxFZwuA3FlNKQwzI5S Adyo3Kzhk7ukbYvSULFyhQTnGMLLSx3kmzy4abln47/olft63SWhh0QTKvNeeQXl 8r21xvUlr7cBA+lGv0+P253SCFAcgn1V2ViCx8oHioWrjtxE1xB2mquU5ieGMPzA L/KMzvkWakwPm/pNeKNuUCh8uP/FvybaqXhm9NcA/GswdzU5+xgSDpeS0cC1LEuo G7rk2WazFgghKaCGF/HILsBXZ2eWRiI5XbOBgi2T3qSUur4Qo1K+ZJuZc464/ARE hdsiN1o3f5LCNKFyCUQnjOOr0Oe26NGeA9jEDKMtlRWqAaudxOR2EnArDu3rSCe5 gDgmHq2ysBP5wUQrRa6OBIU/kQsLOFYOtdRKIQgfq2nOA96t1NblglXTkGv7zSDz ujnpMtAvVCNsC5d9ialDLID8bLEfQnBzfR/jmHXVxXoEc/d+GoLjTZ6sdlfyFqet jqRXtUER4PmQBEeac9Tlof9qQFmdQOWpjgV0YwfqIJ/9TB9zgpbGYeDDNEdyr0h6 MobJKpbedKrYhBlZyAvYAg6IB4Ad0W8+nBHO2XQ8YAWtVVXo27r7nN6wqnq+BZRz LEWmpz7gSolJWlaby/Sr =wdso -----END PGP SIGNATURE----- _______________________________________________ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
