The key-manahement argument
Achim Gratz
Stromeko at nexgo.de
Mon Jan 21 19:35:32 UTC 2019
Richard Laager via devel writes:
> Opportunistic NTS is only applicable when the administrator has not
> specified NTS. In that scenario, if ntpd doesn't do opportunistic NTS,
> then it's going to do plain NTP. How is the risk that a MITM could
> downgrade you only at startup worse than always being "downgraded"
> because you didn't even try to upgrade to NTS?
The risk is that you don't know you've been targeted in that way.
Anyway, I'm not a big fan of such heuristics. Explain the options and
let the user chose.
The NTP pool will need to advertise separate NTS-KE anyway, at least I don't
see an easy way around that.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
Factory and User Sound Singles for Waldorf Blofeld:
http://Synth.Stromeko.net/Downloads.html#WaldorfSounds
More information about the devel
mailing list