Are we going to have a no-NTS-KE build option?

James Browning jamesb.fe80 at gmail.com
Wed Jan 23 11:18:42 UTC 2019


On Wed, Jan 23, 2019, 3:07 AM Hal Murray via devel <devel at ntpsec.org wrote:

>
> I'm thinking of updating INSTALL and/or devel/hacking.adoc to say
> something
> about pthreads and OpenSSL.
>
> If we did away with shared key authentication, we could potentially do
> away
> with needing libcrypto.  Aside from authentication, we also use
> RAND_bytes()
> so we would need to substitute something for that.
>

Funny, I thought -lssl needed libcrypto as a base. IIRC the current NTS
draft does not support mode 6. So if authenticated UDP control/monitoring
sessions are desirable you still need to keep symmetric key support.

I might be wrong though.

>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190123/d9ba1164/attachment.html>


More information about the devel mailing list