First round of my stupid questions about NTS
Ian Bruene
ianbruene at gmail.com
Fri Jan 18 01:16:13 UTC 2019
On 1/17/19 7:11 PM, Hal Murray via devel wrote:
> Do both NTP-server and NTS-KE-server have to know the new-cookie recipe? Does
> NTS-KE-server need the master key for anything other than generating cookies?
> Does it work if only the NTP-server has the master key and the NTS-KE-server
> gets cookies and S2C and C2S from the NTP server?
NTS-KE needs cookie generation because it has to render onto the client
the initial cookie stock.
NTPD needs cookie generation because it needs to replace cookies as they
are used.
If you make only one of them a cookie generator then the other side is
now always dependent on the generator.
--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A
Man Chooses, a Slave Obeys."/ -- Andrew Ryan
/"Utopia cannot precede the Utopian. It will exist the moment we are fit
to occupy it."/ -- Sophia Lamb
I work for the Internet Civil Engineering Institute <https://icei.org/>,
help us save the Internet from Entropy!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190117/7fbcba5f/attachment.html>
More information about the devel
mailing list