The key-management argument

James Browning jamesb.fe80 at gmail.com
Sat Jan 19 23:28:40 UTC 2019


On Sat, Jan 19, 2019, 2:50 PM Richard Laager via devel <devel at ntpsec.org> wrote:
>
> neither is set:
>
> For a pool, behave as "nonts" (because the common pool case is a public
> pool with volunteer servers that will not be able to present a valid
> certificate for the pool).

Actually, I think I came up with a way to NTS-enable the pool. Ask
would have to create an nts subdomain with a wildcard certificate.
FQDNs beginning with a number (i.e. 2.) return a quartet (or octet in
the case of 2.) of CNAMEs for number-letter beginning FQDNs (i.e. 2g.).
The number-letter host(s) are NTS-KE server(s) that negotiate for
criteria matching a pseudo-random host in a database as
*.nts.pool.ntp.org.

But I could be wrong. I pretty annoyingly often am.

