ntp.conf changes for NTS

Hal Murray hmurray at megapathdsl.net
Sat Feb 2 20:36:10 UTC 2019


James Browning said:
> IIRC the previous key is kept for a rotation. Unless you are using something
> like poll 14+ it shouldn't be a problem. 

Correct.  That's for K, the key the server uses to encrypt/decrypt part of a 
cookie.  The client doesn't know anything about that key.

But there is another pair of keys: C2S and S2C.  They are used to authenticate 
and encrypt traffic between client and server.  There is no explicit mechanism 
to roll them over - nor is there a need for one.

In order to avoid tracking, cookies are not reused.  Normally, the client has 
8 cookies.  For each NTP request-response exchange, the client sends a cookie 
and gets back a new one.  If a packet gets lost, the client only has 7 unused 
cookies.  On the next request, it says "PS: please send me an extra cookie."  
If 8 packets in a row are lost, the client will be out of unused cookies.  At 
that point, it can either reuse cookies or go through NTS-KE again to get new 
cookies.  NTS-KE will also refresh C2S and S2C.

But if no packets are lost, C2S and S2C will be used forever.



-- 
These are my opinions.  I hate spam.
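As an added illustration of the cookie bookkeeping described above (this is example code written for this page, not code from NTPsec or from the post), here is a small Python model of the client side: a pool of 8 unused cookies, one cookie spent per request, placeholders added to the next request after a loss, and a return to NTS-KE (with fresh C2S/S2C) once the pool is empty. The 32-byte keys and 16-byte cookies are assumed sizes chosen for the simulation; the server-side K key is not modelled.

```python
"""Model of NTS client cookie handling (added example, not NTPsec's code)."""
import secrets
from dataclasses import dataclass, field

COOKIE_POOL_SIZE = 8  # "Normally, the client has 8 cookies."


@dataclass
class NtsClient:
    """Minimal model of the client side of NTS cookie handling."""
    cookies: list = field(default_factory=list)  # unused cookies
    c2s: bytes = b""   # client-to-server key (assumed 32 bytes here)
    s2c: bytes = b""   # server-to-client key (assumed 32 bytes here)
    ke_runs: int = 0   # how many times NTS-KE has been performed

    def run_nts_ke(self) -> None:
        """Simulated NTS-KE: fresh C2S/S2C keys and a full pool of cookies."""
        self.ke_runs += 1
        self.c2s = secrets.token_bytes(32)
        self.s2c = secrets.token_bytes(32)
        self.cookies = [secrets.token_bytes(16) for _ in range(COOKIE_POOL_SIZE)]

    def exchange(self, packet_lost: bool = False) -> int:
        """One NTP request/response. Returns the number of cookies received.

        The request spends one cookie and carries one placeholder per missing
        cookie, so a successful response refills the pool to COOKIE_POOL_SIZE.
        A lost packet returns nothing, and the pool shrinks by the spent cookie.
        """
        if not self.cookies:
            # Out of unused cookies: re-run NTS-KE rather than reuse a cookie
            # (the post names both options; this model picks NTS-KE).
            self.run_nts_ke()
        self.cookies.pop()                               # cookie spent on this request
        deficit = COOKIE_POOL_SIZE - len(self.cookies)   # 1 normally, more after losses
        placeholders = deficit - 1                       # "PS: please send me an extra cookie"
        if packet_lost:
            return 0
        fresh = [secrets.token_bytes(16) for _ in range(1 + placeholders)]
        self.cookies.extend(fresh)
        return len(fresh)


def simulate(loss_pattern):
    """Run a sequence of exchanges; True means that packet was lost.

    Returns the client and the pool size observed after each exchange.
    """
    client = NtsClient()
    client.run_nts_ke()
    history = []
    for lost in loss_pattern:
        client.exchange(packet_lost=lost)
        history.append(len(client.cookies))
    return client, history


if __name__ == "__main__":
    # Constructed scenario: one loss, then recovery, then 8 losses in a row.
    client, history = simulate([True, False] + [True] * 8 + [False])
    print("pool after each exchange:", history)
    print("NTS-KE runs:", client.ke_runs)
```

With no losses the pool stays at 8 and C2S/S2C never change, which is the "used forever" case; eight consecutive losses drain the pool to zero and the next request forces a second NTS-KE.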




