NTS client configuration support has landed
Hal Murray
hmurray at megapathdsl.net
Sat Feb 2 09:12:16 UTC 2019
> The only way to avoid this would be for me to go out of my way to create
> distinct grammar branches for *each declaration type*.
If you ever do that, don't forget to merge in the fudge stuff.
--------
[Specifying nonsense options, like refid for a server.]
> Considering that we're talking a quarter century of road miles...well, I'm
> going to want to actually *see* a bug report like that before I incur the
> complexity cost to prevent it.
We could fix that by checking for silly options at your fancy copy-over stage.
--------
>> My gut feel is that 'nts' can not be part of
>> the 'pool' as then a casual attacker can break the system.
> You might be right, but I'm not going to design on the assumption that you
> are because the payoff matrix is too asymmetrical.
Just because the current pool is untrustworthy doesn't mean that somebody
couldn't run a trusted pool.
Keep in mind that pool+nts isn't well specified yet. Do we want to get the
info for several servers with one NTS-KE connection, or do we want to do the a
DNS lookup to get several IP Addresses and then use separate NTS-KE
connections with each of those addresses?
--
These are my opinions. I hate spam.
More information about the devel
mailing list