First round of my stupid questions about NTS

Eric S. Raymond esr at thyrsus.com
Fri Jan 18 04:04:18 UTC 2019


Hal Murray via devel <devel at ntpsec.org>:
> Eric said:
> >> So, how does the NTS-KE and NTPD server know what cookie format(s) are
> >> in use?  How does the NTS-KE server know which cookie formats to issue
> >> for which NTPD servers?
> > That's a question for Daniel. I hope he'll answer it. 
> 
> Seems simple to me.  The programmers and/or sysadmins have to get it right.
> 
> Suppose you want to change the cookie format.
> 
> Plan A:
>   Install new software.
>   Restart NTP-server and NTS-KE-server.
>   Old cookies won't decrypt so will get NACKed.
>   NTP-client uses NTS-KE to get new cookies.
> 
> Plan B:
>   Install/restart a new NTP server that supports both old and new cookies.
>   Install/restart a new NTS-KE-server that gives out new cookies.
>   Wait a while.  All old cookies will go away.
> 
> Plan C/D:
>   Same as above except the NTS-KE-server gets the cookies from the NTP-server 
> so there is no need to install/restart the NTS-KE-server.  It will have to 
> make a new connection to the new NTP-server.

That should go in nts.adoc.  When we *choose* one of those
alternatives, we'll edit.

What I'd prefer is a plan where there is one oracle that both
generates and analyzes cookies, with other agents treating them as
opaque blobs to be passed around and at worst compared for binary
equality if they're operated on at all.  Dunno if I can *get* that,
but it's what I'd consider ideal.

Here are the reasons I want you to add this to nts.adoc.

(1) To write it up more formally for use in the spec you'll have to think
it through.

(2) It creates design strawmen other people can endorse or push against.

(3) It will help me when I do a pass through the document generating
more stupid questions.
-- 
Eric S. Raymond <http://www.catb.org/~esr/>

My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.
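As an added illustration, not code from this thread or from NTPsec: a stand-in cookie oracle in the spirit of the "one oracle" idea above, which mints cookies in one format and opens any format it still holds a key for, so Plan A (old format dropped, old cookies NACKed) and Plan B (overlap, then retire) can both be exercised. The HMAC-based encrypt-then-MAC, the 2-byte format id and the key ids are assumptions standing in for the AEAD-wrapped contents of a real NTS cookie.

```python
import hmac
import os
import struct
from hashlib import sha256

# Constructed demonstration, not NTPsec code. A real NTS cookie wraps the
# C2S/S2C keys with an AEAD under a server master key; an encrypt-then-MAC
# built from HMAC-SHA256 stands in here so the block runs on stdlib alone.
HDR = 2 + 16   # format id + nonce
TAG = 32       # HMAC-SHA256 tag

def _keystream(key, nonce, n):
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class CookieOracle:
    """The only component that mints and opens cookies; every other agent
    treats a cookie as an opaque byte string."""

    def __init__(self, issue_format, master_keys):
        # master_keys: {format_id: 32-byte key}; every format listed here is
        # accepted by open(), but only issue_format is used by mint().
        self.issue_format = issue_format
        self.master_keys = dict(master_keys)

    def mint(self, contents):
        key = self.master_keys[self.issue_format]
        header = struct.pack(">H", self.issue_format) + os.urandom(16)
        body = _xor(contents, _keystream(key, header[2:], len(contents)))
        return header + body + hmac.new(key, header + body, sha256).digest()

    def open(self, cookie):
        """Return the plaintext contents, or None to signal a NACK."""
        if len(cookie) < HDR + TAG:
            return None
        key = self.master_keys.get(struct.unpack(">H", cookie[:2])[0])
        if key is None:      # Plan A case: format no longer known -> NACK
            return None
        header, body, tag = cookie[:HDR], cookie[HDR:-TAG], cookie[-TAG:]
        if not hmac.compare_digest(tag, hmac.new(key, header + body, sha256).digest()):
            return None      # forged or corrupted cookie -> NACK
        return _xor(body, _keystream(key, header[2:], len(body)))

def switch_format(oracle, new_format, new_key):
    """Plan B step: issue the new format while old ones still open."""
    oracle.master_keys[new_format] = new_key
    oracle.issue_format = new_format

def retire_format(oracle, old_format):
    """Plan B final step, once the old cookies have aged out."""
    oracle.master_keys.pop(old_format, None)
```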
