NTS keys as I understand them
Eric S. Raymond
esr at thyrsus.com
Tue Jan 15 03:26:54 UTC 2019
Gary E. Miller via devel <devel at ntpsec.org>:
> > Why are you fighting so hard for the reuse case?
>
> Because the Proposed RFC allows for it, so some will use it. We need to
> be interoperable. It may be useful for bad connections.
While I conceded your point that we need to plan for interoperability, Gary,
I'm going to put my foot down about not *defaulting* to re-use.
Why not? Because my spider-sense tells me that if (and *only* if) we
rely on that, some clever bastard is going to come up with a bizarre,
previously-unimagined spin on a replay attack. Because that's just the
way the Dread God Finagle rolls.
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.