NTS off the ground - time for testing

Eric S. Raymond esr at thyrsus.com
Wed Feb 20 05:51:59 UTC 2019


Hal Murray via devel <devel at ntpsec.org>:
> 
> The server side needs a cookie and private key.
> 
> The K and I used to encrypt cookies is a hack constant so old cookies work 
> over server reboots.
> 
> The client side defaults to using the system root certificates.  You can 
> provide your own.
> 
> With the NTS flag, the client side tries NTS-KE, and drops into normal mode if 
> that doesn't work.  If it does work, it sends NTS packets until it runs out of 
> cookies.  Then it drops into normal mode.
> 
> The code to ask for extra cookies doesn't exist yet.  If it gets started, it will run in NTS mode until 8 packets get lost.

Excellent.  What's the bext thing you need from me?
-- 
		<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>

My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.




More information about the devel mailing list