On 7/27/2010 5:25 PM, Mikael Abrahamsson wrote:
> On Tue, 27 Jul 2010, Danny Mayer wrote:
>
>> The subject of encrypting PTP (or NTP for that matter) packets came up
>> during the Working Group Meeting. However, no one has said why you would
>> bother to do so. The data is not private in any sense of
>> confidentiality; it's not useful if it's not consumed immediately on
>> arrival and there's lots of overhead in encrypting and decrypting
>> packets so why is it even being considered. Is there a good use case for
>> this or are we just wasting cycles?
>
> Cryptographically signing something is often very similar to both
> signing and encrypting, so if the mechanism employed already supports
> both, why not support it so someone who wants to do encryption can do so?
>
Because the overhead cost is huge compared to the benefit and you are adding a major increase in latency and probably jitter as a result. Small and nimble is much better.

> I don't think we right now can foresee all use cases for the future so I
> see little harm in supporting both authentication and encryption.
>

Leave out whatever you don't have use cases for. You are wasting a lot of time and effort in defining, coming to an agreement on the architecture of something you won't use and then people have to go off and implement it but have no way of ensuring that the non-existent use cases can use it. See above. Also no discussions have been held on how you authenticate a server (or for that matter a client if that even has value) so that it does not depend on the clocks of each node in the network.

Danny
