Test matrix (only implementations that have been tested at IETF-105 hackathon are shown)
Rows are clients, columns are servers.

Client \ Server                  | chrony | Cloudflare | Martin Langer | Netnod/Python | NTPSEC
Martin Langer (Ostfalia), C++17  | works  | (no result; see NTS-KE fails below) | works | works | works
Netnod/Python                    | works  | works      | works         | works         | works
Cloudflare                       | breaks | works      | cert issues   | works         | works
NTPSEC                           | works, works (two cells; the export does not preserve which servers)
Chrony                           | works (one cell; the export does not preserve which server)
Notes from Martin Langer
- Tests are finished
- I was only able to test IPv4 connections because my NTP implementation still does not support IPv6
- 7/8 tests were successful (my client (Ostfalia NTP/NTS) --> different servers)
- Almost all implementations do not perform a strict ALPN check or are faulty (mine included). It's not critical, but should be fixed
- All implementations support more than 8 cookies without problems. If IP fragmentation occurs, the packets are discarded/filtered.
- AEAD algorithm selection and Next protocol selection work with every implementation
- Nobody uses the OpenSSL 1.1.1 bug workaround anymore (this is good)
- Everyone uses the same NTP extension field IDs (for NTS content); see: https://docs.google.com/spreadsheets/d/1nZ0XLkpPUVAlThLhnjp4CjJ-XnwfPPFWHNxLlp9UCyM/edit#gid=0
- Some implementations have problems with my own server certificates (next time I'll switch to Let's Encrypt)
- In case of a faulty TLS request without correct ALPN, my server terminates the connection hard (without shutting down). This leads to a timeout for clients without a strict ALPN mechanism, if this has been defined. I should change this behavior.

my test results:
user/provider | server | NTS-KE IPv4 | tcp port | udp port | TLS support | ALPN check* | AEAD algo selection (AES-SIV algos) | Next algo selection | more cookies | results | comments
Christer Weinigel (Netnod) | fpga-lab.sth.netnod.se | 77.72.227.121 | 4446 | 4126 | 1.2 | fails | pass (256) | pass | pass | nts works |
Christer Weinigel (Netnod) | zoo.weinigel.se | 37.46.169.123 | 4446 | 4126 | 1.2 | fails | pass (256) | pass | pass | nts works | small TLS shutdown issue
Christer Weinigel (Netnod) | limekiller.weinigel.se | 80.216.94.241 | 4446 | 4126 | 1.2 | fails | pass (256) | pass | pass | nts works |
Watson (cloudflare) | time.cloudflare.com | 162.159.200.1 | 1234 | 123 | 1.3 | ? | ? | ? | ? | NTS-KE fails | no response (hanging in NTS-KE)
NTPSEC | ntp1.glypnod.com | 104.131.155.175 | 123 | 123 | 1.2, 1.3 | fails | pass (256, 384, 512) | pass | pass | nts works | high TLS load
Martin Langer (Ostfalia) | nts3-e.ostfalia.de | 141.41.241.70 | 443 | 123 | 1.2, 1.3 | pass (TLSv1.2) | pass (256, 384, 512) | pass | pass | nts works | bug in ALPN (TLS 1.3)?
Gary E. Miller (NTPSEC) | pi4.rellim.com | 204.17.205.24 | 123 | 123 | 1.2 | fails | pass (256, 384, 512) | pass | pass | nts works | bug in alpn?: \x07ntske/1
Red Hat (Chrony) | nts-test.strangled.net | 31.14.131.188 | 443 | 11123 | 1.2, 1.3 | pass | pass (256) | pass | pass | nts works |

*ALPN check: In the TLS handshake, the client must send the 'ntske/1' ALPN (Application-Layer Protocol Negotiation) and the server must accept it. The TLS response must contain the same ALPN.

fail: the server implementation ignores the received ALPN or accepts a wrong ALPN. This is not critical and the NTS protocol works without the check, but the check is specified in the NTS draft.
Notes from Christer Weinigel (Netnod/Python)

Netnod/Python server only supports TLSv1.2 due to the pyopenssl library only supporting TLSv1.2

Netnod/Python client on github only supports TLSv1.2 for the same reason

Unpublished Netnod/Python client using Python 3.7.4 + patched ssl library supports TLSv1.3

No tests with IPv6 have been run since I lack IPv6 connectivity on my test machines

Client on github works with all servers except for time.cloudflare.com since the client doesn't support TLSv1.3 and cloudflare only does TLSv1.3

Unpublished client works with all servers including time.cloudflare.com

NTSKE server on zoo.weinigel.se does not perform shutdown before closing the socket. This causes the shutdown error Martin sees.

ALPN negotiation in the NTSKE server will always respond with "ntske/1" no matter what the client asked for; the server should probably be stricter about this.

time.cloudflare.com does not close the socket after sending EOM; a client which expects to be able to read until EOF before parsing the response might hang

If ALPN negotiation fails with nts3-e.ostfalia.de the server never closes the connection and it seems to hang forever

NTPSEC server did not perform ALPN negotiation at IETF-104. I posted a buggy patch to add ALPN support; one bugfix changed the ALPN return to "\x07ntske/1", which includes a length byte, and the length byte shouldn't be included.
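Two of the failure modes recorded above, a server that keeps the socket open after End of Message (the hang Christer describes for time.cloudflare.com) and an ALPN value that comes back with a length byte in front of it (the "\x07ntske/1" entry in Martin's table), are cheap to guard against on the client side, as is the strict ALPN check defined under Martin's results. The Python below is an added illustration written for this page; it is not code from any of the implementations listed. It parses an NTS-KE response record by record and stops at End of Message instead of waiting for EOF, caps the response size, rejects unknown critical records, enforces an exact ALPN match, and checks what was negotiated. Record types and AEAD identifiers are the ones from RFC 8915 (the draft the hackathon tested); the sample response and the FakeSocket class are constructed for the example.

```python
import io
import struct

# ALPN the NTS-KE client offers; the server must echo it back unchanged.
ALPN_NTSKE = "ntske/1"

# NTS-KE record types and identifiers (RFC 8915, section 4).
REC_END_OF_MESSAGE = 0
REC_NEXT_PROTOCOL = 1
REC_ERROR = 2
REC_WARNING = 3
REC_AEAD_ALGORITHM = 4
REC_NEW_COOKIE = 5
NEXT_PROTOCOL_NTPV4 = 0
AEAD_AES_SIV_CMAC_256 = 15   # the "256" in the results table
AEAD_AES_SIV_CMAC_384 = 16
AEAD_AES_SIV_CMAC_512 = 17


def check_alpn(negotiated):
    """Strict ALPN check on the protocol the TLS stack reports after the
    handshake. None (server ignored ALPN) and a value carrying a stray
    length byte such as '\\x07ntske/1' both fail."""
    return negotiated == ALPN_NTSKE


def record(rtype, body=b"", critical=False):
    """Encode one record: 1-bit critical flag, 15-bit type, 16-bit body length, body."""
    return struct.pack("!HH", (0x8000 if critical else 0) | rtype, len(body)) + body


# Constructed sample response: NTPv4, AES-SIV-CMAC-256, eight 32-byte cookies,
# End of Message. Not a capture from any hackathon server.
SAMPLE_RESPONSE = (
    record(REC_NEXT_PROTOCOL, struct.pack("!H", NEXT_PROTOCOL_NTPV4), critical=True)
    + record(REC_AEAD_ALGORITHM, struct.pack("!H", AEAD_AES_SIV_CMAC_256), critical=True)
    + b"".join(record(REC_NEW_COOKIE, bytes([i]) * 32) for i in range(8))
    + record(REC_END_OF_MESSAGE, critical=True)
)


class FakeSocket:
    """Constructed stand-in for the TLS socket. closes_after_eom=False models a
    server that leaves the connection open after EOM: reading past the data
    raises instead of returning b'', which is what a blocking recv() would do."""

    def __init__(self, data, closes_after_eom=True):
        self._buf = io.BytesIO(data)
        self._closes = closes_after_eom

    def recv(self, n):
        chunk = self._buf.read(n)
        if chunk or self._closes:
            return chunk
        raise TimeoutError("simulated hang: server never closes the socket")


def read_until_eof(sock):
    """The fragile strategy: collect bytes until recv() returns b''."""
    chunks = []
    while True:
        chunk = sock.recv(4096)
        if not chunk:
            return b"".join(chunks)
        chunks.append(chunk)


def _read_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed mid-record")
        buf += chunk
    return buf


def parse_ntske_response(sock, max_bytes=65536):
    """Read records until End of Message and return what was negotiated.
    Stops at EOM, so it never depends on the server closing the socket."""
    out = {"next_protocols": [], "aead": [], "cookies": [], "errors": [], "warnings": []}
    consumed = 0
    while True:
        ctype, length = struct.unpack("!HH", _read_exact(sock, 4))
        consumed += 4 + length
        if consumed > max_bytes:
            raise ValueError("NTS-KE response exceeds %d bytes" % max_bytes)
        critical, rtype = bool(ctype & 0x8000), ctype & 0x7FFF
        body = _read_exact(sock, length)
        if rtype == REC_END_OF_MESSAGE:
            if length or not critical:
                raise ValueError("malformed End of Message record")
            return out
        if rtype in (REC_NEXT_PROTOCOL, REC_AEAD_ALGORITHM):
            if length % 2:
                raise ValueError("odd-length identifier list")
            ids = list(struct.unpack("!%dH" % (length // 2), body))
            out["next_protocols" if rtype == REC_NEXT_PROTOCOL else "aead"] += ids
        elif rtype == REC_NEW_COOKIE:
            out["cookies"].append(body)
        elif rtype in (REC_ERROR, REC_WARNING):
            out["errors" if rtype == REC_ERROR else "warnings"].append(struct.unpack("!H", body)[0])
        elif critical:
            raise ValueError("unknown critical record type %d" % rtype)
        # unknown non-critical records are skipped, as the spec allows


def negotiation_ok(result, offered_aeads):
    """True when the server chose NTPv4, exactly one AEAD we offered, sent cookies and no error."""
    return (result["next_protocols"] == [NEXT_PROTOCOL_NTPV4]
            and len(result["aead"]) == 1 and result["aead"][0] in offered_aeads
            and len(result["cookies"]) >= 1 and not result["errors"])
```

Against `FakeSocket(SAMPLE_RESPONSE, closes_after_eom=False)`, `read_until_eof` raises the simulated hang while `parse_ntske_response` returns the eight cookies and the AEAD 15, which is the difference between the two client strategies the notes describe. In a real client the `negotiated` value for `check_alpn` comes from the TLS object after the handshake (for example `SSLSocket.selected_alpn_protocol()` in Python's ssl module).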
Notes from Watson

On Mac OS X, differing socket behavior forced a few code changes to my client

Ostfalia fails due to a certificate construction error: the webPKI implementation I'm using doesn't parse common names

Chrony doesn't log anything about NTS-KE, making it hard to diagnose failures
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100