The key-manahement argument

Achim Gratz Stromeko at nexgo.de
Mon Jan 21 17:08:17 UTC 2019


Richard Laager via devel writes:
> On 1/19/19 6:30 PM, Hal Murray wrote:
>> We can avoid sharing the master key with many NTP servers if the NTS-KE server 
>> contacts the selected NTP server to get the initial cookies.

The other (and probably better) solution is to establish a different master key
for each NTS-KE and NTS server pair, possibly by using the same TLS key
exporter scheme.  If the NTS-KE is a different entity (as it is in the
pool situation) you don't really want it to bog down the NTS server with
a TLS connection for each client that contacts the NTS-KE.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

SD adaptations for Waldorf Q V3.00R3 and Q+ V3.54R2:
http://Synth.Stromeko.net/Downloads.html#WaldorfSDada



More information about the devel mailing list