Deciding what modes to keep.

Eric S. Raymond esr at thyrsus.com
Fri Sep 30 00:22:02 UTC 2016


Gary E. Miller <gem at rellim.com>:
> > But we have one mission imperative that trumps drop-in replacement:
> > security.  And what makes these modes targets for removal is that,
> > according to Daniel, there are fundamentally impossible to secure.
> 
> I would split that hair.  Maybe ntpd could still send broadcast, there
> are a lot of legacy clients that can not be updated.  But not
> accept broadcast in.

That is an interesting idea!

> I not exactly sure what modes you are dropping, but dropping 'peer'
> mode would be a serious PITA for the isntalled base.  Trying to
> update an old router, without a support contract, is pretty much
> impossible.  At least not without some license or legal violation.

Ordinary peer mode is unicast, yes?  No way we'd ever drop that.
-- 
		<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 811 bytes
Desc: not available
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160929/de01cee3/attachment.bin>


More information about the devel mailing list