The key-manahement argument

[Hal Murray]

> The NTS-KE servers would have to share NTS master keys (and cookie formats!)
> with volunteer NTP servers.

If you are interested in security, sharing a master key with many servers 
seems like a bad idea - too many opportunities for a leak.  With something 
like the pool where anybody can join (and thus get the key), security is no 
longer possible.

There are actually two parts to TLS security.  One is the technical side.  Can 
the crypto be broken?  Has the secret key leaked?  The other is trust.  Do you 
trust the name you are using?  The name you used could be a malicious clone of 
a legitimate name: F00 vs FOO.  Or the correct company could be untrustworthy.

The pool might be a good way to test NTS code.  I don't see how to get a 
serious level of trust with volunteer effort.

-----------

We can avoid sharing the master key with many NTP servers if the NTS-KE server 
contacts the selected NTP server to get the initial cookies.  That requires 
secrecy on that connection.  That could be TLS and hence another certificate 
or a shared key.


-- 
These are my opinions.  I hate spam.