Sometimes Ignoring Time on Certificates (Was: Re: Docs we will need)

Richard Laager rlaager at wiktel.com
Sun Feb 10 09:17:14 UTC 2019


On 2/6/19 11:34 AM, Eric S. Raymond wrote:
> Richard Laager via devel <devel at ntpsec.org>:
>> On 2/5/19 7:49 PM, Richard Laager wrote:
>>> I have a specific proposal that I'll hopefully write up tonight, which
>>> may address the needs in this space.
>> I did some brainstorming on this with a colleague. I initially started
>> with an approach that would consider the system clock (if after
>> BUILD_EPOCH), then the drift file (if after BUILD_EPOCH), then accept
>> anything. But in the course of discussing it, I came up with something
>> that is a lot simpler and easier to reason about.
> 
> Please add this as a new section to nts.adoc.

https://gitlab.com/NTPsec/ntpsec/merge_requests/942


-- 
Richard


More information about the devel mailing list