tlsport & ntpport
Gary E. Miller
gem at rellim.com
Sat Feb 2 20:59:34 UTC 2019
Yo Eric!
On Sat, 2 Feb 2019 08:02:16 -0500 (EST)
"Eric S. Raymond via devel" <devel at ntpsec.org> wrote:
> *tlsport XXX* Contact the NTS-KE server on TCP port XXX.
>
> *ntpport YYY* Request an NTPD server on UDP port YYY.
>
> Can anyone explain to me a case in which these are not
> equivalent to expcit port prefixes on a server, ask, re require
> address?
Because the Proposed RFC says you can ask for an ntpport without
asking for a ntpd address.
No way to test the spec without them.
The tlsport is needed because the NTS-KE may not be on the assigned
address. Also useful for testing.
In a world of IPv4 exhaustion and CGNAT, people are doing ugly things
with ports. Just look to the long existing practice of Apache, nginc,
postfix and sendmail.
> I think these can go.
No. Bad idea.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190202/3d3a600e/attachment.bin>
More information about the devel
mailing list