Does broadcast *server* mode still exist?

Hal Murray hmurray at megapathdsl.net
Mon Aug 19 00:27:33 UTC 2019


esr at thyrsus.com said:
> That's covered. In the page on NTPsec changes:
> * Broadcast- and multicast modes, which are impossible to
>   secure, have been removed. 

I was looking for more information.  Why can't we secure it?

What's wrong with using a public/private key to sign each broadcast packet?

(It's hard to prove a negative like "impossible to secure", but maybe security 
geeks know things that I don't.)

-----------

I'm not sad to see broadcast modes gone.  It was tangled up with a state machine which I never really understood.

In general, broadcasting is evil.  That's another reason to drop it.

But there might be good reasons to use it.  Maybe simplifying the config file for some deployment applications?


-- 
These are my opinions.  I hate spam.





More information about the devel mailing list