NTS - lesson in certificates/keys please
Hal Murray
hmurray at megapathdsl.net
Fri Jan 18 03:34:48 UTC 2019
Could somebody give me a lesson in certificates and keys?
I'm somewhat familiar with certificates as used in HTTPS. Are there other
common uses?
What sort of certificates do we need for testing? Where do we get them
I think the NTS-KE-server needs the private key for the certificate(s) it
supports. Should we put it in a separate process so bugs in ntpd can't expose
the private key?
That also allows us to write NTS-KE-server in a HLL.
--------
There is an interesting corner case. Telco companies like to put spares on
the shelf and expect them to work 10 years later. How often do root
certificates roll over?
I assume the normal TLS stuff uses a collection of root certificates that are
distributed via the normal OS/Distro update mechanism. That won't work if the
box is sitting on a shelf. Can
--
These are my opinions. I hate spam.
More information about the devel
mailing list