NTS

James Browning jamesb.fe80 at gmail.com
Tue Sep 25 18:14:01 UTC 2018


Ian Bruene via devel <devel at ntpsec.org>:
> I'm told that there is a document written by the resident crypto expert
> describing NTS. Does anyone have it? We might need to see it if we are
> planning on implementing what is in it you know.......

The latest draft I see is at
https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp-13
a git repo is at https://github.com/dfoxfranke/nts

On Tue, Sep 25, 2018 at 6:09 AM Eric S. Raymond via devel <devel at ntpsec.org>
wrote:

> We don't just need a description of what NTS is, we need an interface contract.
> That is, a description of what we need to send to it and what we expect
> to receive from it.
>
> This is *the* blocker on the NTS work.
>

I assume you mean something probably not quite completely unlike.
* NTS-ke will require listening to a TCP port (possibly 123) and spinning
up a new thread for each client. (or risk blocking the process)
* NTS-ke will require hooks to automatically reconfigure a current NTS key w/
number a yesterday key w/ number
* NTS-ke will require a hook to save the above to the ntpkeys file (for
restarts)
* NTS-ke will require a hook to update NTS UDP processor
* NTS will require a hook to hash the standard ntp packet
* NTS will require the addition of registration of the NTSN KoD packet
* NTS will require the addition of four? new extension fields.

only with more API and less crummy language

-- JamesB192