More word to nts.adoc

Hal Murray hmurray at megapathdsl.net
Mon Jan 14 11:50:49 UTC 2019


I've started adding references to the draft.

Ian: I didn't touch your recent edits.

You said "encrypts the rest of the data"
I think we are authenticating rather than encrypting.

The new cookies returned from the NTP server are encrypted.  I think that's at 
a different
layer.  The AEAD stuff is setup to encrypt and the packet format has a slot 
for the cypher text, but I don't think we will use that.  Please let me know 
if you find something.

Gary: A few days ago, we were discussing storing the master keys on disk so 
the NTP-S and NTS-S boxes didn't need a (network) communication channel.  I 
think we want to be able to put a communication channel in there.  Consider:
  One NTS server for multiple NTP clients.
  Multiple NTS servers supporting the same name for load sharing or better 
routing.


-- 
These are my opinions.  I hate spam.





More information about the devel mailing list