UDP/123 policers & status

[saku at ytti.fi (Saku Ytti)]

On Mon, 30 Mar 2020 at 01:58, Ragnar Sundblad <ragge at kth.se> wrote:

> A protocol with varying packet size, as the NTS protected NTP is,
> can easily have the bad property of having responses larger than the
> requests if not taken care. Donâ??t you see that?

Why? Why not pad requests to guarantee attenuation vector until
authenticity of packets can be verified?

MinimaLT does this. I think all UDP based and initial TCP should do
it, doing it for existing protocols may not be possible, but why not
for new?

I proposed similar method for proxy-trace (bidir tracerouting) -
https://github.com/ytti/proxy-trace/blob/master/draft-ytti-intarea-proxy-trace.xml#L169

-- 
  ++ytti