Let's get moving on NTS

Hal Murray hmurray at megapathdsl.net
Sun Jan 6 23:22:32 UTC 2019


Gary said:
> Section 6 proposes a simple means to keep generating new short term keys from
> old keys, so no need for further communication between the NTS-KE and NTPD.
> Just once is enough. 

There needs to be coordination when keys change.

It might be possible to have both NTS-KE and NTPD use the same new-key recipe 
and the same time constant, but that seems like an invitation to get out of 
sync.  I think it will be cleaner to have one end in charge of keys and tell 
the other end when they change.

We also have to consider how to get started and/or what happens when one end 
gets restarted.

My straw man is that NTS is in charge of keys and NTPD will ask at startup and 
poll occasionally.


> The how could be as simple as a config file they share, 

> Then, if they both start with the same key, they roll forward, forever, with
> no communication. 

That's communicating via the file system.  It's not a traditional config file 
that an admin edits.  It needs to get updated so keys aren't reused when the 
system reboots.
 

-- 
These are my opinions.  I hate spam.
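
The point above about the shared file, as an added example that is not part of the original message or of the project's code: a key ratchet whose current generation is written to disk before it is used, so a restarted process resumes from the latest key instead of reusing an old one. The use of HKDF-SHA256, the key id as salt, the info label and the JSON state format are all assumptions made for this sketch.

```python
import hashlib, hmac, json, os, tempfile

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract, then expand."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def next_key(key_id: int, key: bytes):
    """One ratchet step: old key is the input keying material, its id the salt.
    The info label is a constructed value for this example."""
    return key_id + 1, hkdf_sha256(key, key_id.to_bytes(4, "big"), b"example key rollover")

def save_state(path, key_id, key):
    """Write to a temp file, fsync, then rename, so neither a reader nor a
    crash ever sees a half-written state file. mkstemp creates it mode 0600."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as f:
        json.dump({"id": key_id, "key": key.hex()}, f)
        f.flush()
        os.fsync(f.fileno())
    os.replace(tmp, path)

def load_state(path):
    """What the other end (or a restarted process) reads at startup or when polling."""
    with open(path) as f:
        s = json.load(f)
    return s["id"], bytes.fromhex(s["key"])

def rotate(path):
    """The end in charge of keys: advance the ratchet and persist the result
    before the new key is handed out."""
    key_id, key = next_key(*load_state(path))
    save_state(path, key_id, key)
    return key_id, key
```

Only one process calls rotate(); the other only calls load_state(), which keeps a single end in charge of when keys change.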




