First round of my stupid questions about NTS
Ian Bruene
ianbruene at gmail.com
Thu Jan 17 20:10:31 UTC 2019
On 1/17/19 2:00 PM, Eric S. Raymond wrote:
> Ian Bruene via devel <devel at ntpsec.org>:
>>> Charlie requests a master key (and possibly initial cookies) daily
>>> from Delta.
>> Cookies wouldn't be part of that. For a start "once a day" would have the
>> cookies up to tens of thousands of packets out of date (assuming a packet
>> every second for a client that joined just after the last NTPD-NTS sync).
> Then what's *your* explanation for "We could also send the initial
> cookies over that channel so that only NTP-server knows the cookie
> format."
I don't know.
If initial cookies need to be transferred it needs to happen right after
the key exchange.
However I don't know any reason to transfer initial cookies: NTPD and
NTS-KE already know the cookie format or they can't work together at
all. And all the relevant data from a cookie is accessed by decrypting
it with the master key.
--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A
Man Chooses, a Slave Obeys."/ -- Andrew Ryan
/"Utopia cannot precede the Utopian. It will exist the moment we are fit
to occupy it."/ -- Sophia Lamb
I work for the Internet Civil Engineering Institute <https://icei.org/>,
help us save the Internet from Entropy!
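The division of labour argued for in this message, as an added example (not NTPsec code and not something posted in the thread): NTS-KE seals the session keys into a cookie under the shared master key, and NTPD recovers them by decrypting, so only the master key has to cross the NTS-KE/NTPD channel. The cookie layout, the function names and the use of AES-GCM from Go's standard library as the AEAD are all assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

const idLen, hdrLen, sessLen = 4, 16, 32 // assumed layout: key ID | 12-byte nonce | AES-GCM(C2S || S2C)

func NewAEAD(masterKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(masterKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealCookie is the NTS-KE side: wrap the session keys under the current master key.
func SealCookie(id uint32, g cipher.AEAD, c2s, s2c []byte) ([]byte, error) {
	cookie := make([]byte, hdrLen)
	binary.BigEndian.PutUint32(cookie, id)
	if _, err := rand.Read(cookie[idLen:]); err != nil {
		return nil, err
	}
	return g.Seal(cookie, cookie[idLen:], append(append([]byte{}, c2s...), s2c...), cookie[:idLen]), nil
}

// OpenCookie is the NTPD side: no per-client state, only the shared master keys.
func OpenCookie(keys map[uint32]cipher.AEAD, cookie []byte) (c2s, s2c []byte, err error) {
	if len(cookie) < hdrLen {
		return nil, nil, fmt.Errorf("cookie too short")
	}
	g, ok := keys[binary.BigEndian.Uint32(cookie)]
	if !ok {
		return nil, nil, fmt.Errorf("unknown or retired master key")
	}
	plain, err := g.Open(nil, cookie[idLen:hdrLen], cookie[hdrLen:], cookie[:idLen])
	if err != nil || len(plain) != 2*sessLen {
		return nil, nil, fmt.Errorf("cookie failed authentication")
	}
	return plain[:sessLen], plain[sessLen:], nil
}

func main() {
	g, _ := NewAEAD(make([]byte, 32)) // constructed all-zero master key, demo only
	fmt.Println(SealCookie(1, g, make([]byte, sessLen), make([]byte, sessLen)))
}
```

The key ID in the header is what lets NTPD keep accepting cookies sealed under yesterday's master key until it is dropped from the map.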