First round of my stupid questions about NTS

[Hal Murray]

Gary said:
> Once again: there is no TLS session between NTPD client and NTPD server.
> Once again: the NTPD server must generate new keys withour TLS. 

No, it reuses the old S2C and C2S.  (that it gets from decrypting the cookie)


> We use the algorithm of RFC 5705, but in a context with no TLS.

That doesn't make sense.  RFC 5705 assumes there is a TLS session.


-- 
These are my opinions.  I hate spam.