ntp.conf changes for NTS
Gary E. Miller
gem at rellim.com
Wed Jan 30 20:37:59 UTC 2019
Yo Achim!
On Wed, 30 Jan 2019 21:32:57 +0100
Achim Gratz via devel <devel at ntpsec.org> wrote:
> Gary E. Miller via devel writes:
> > I can see value in this for testing, but IMHO it should be
> > discouraged for general use. I'd like the new ntp.conf syntax to
> > somehow emphasize that this is discouraged and optional.
>
> No. There are several institutions that have multiple servers of
> which the user could want to pick always the same one instead of
> getting one randomly assigned by the NTS-KE. Certainly nothing to
> discourage here, optional yes.
OK.
> > server ntpd.example.org
> > server nts-ke.example.org nts
> > server nts-ke.example.org nts ask ntpd.example.org
>
> Again, leave server for plain NTP and use a new keyword.
Works for me. So maybe:
server ntpd.example.org
nts nts-ke.example.org
nts nts-ke.example.org ask ntpd.example.org
> > And what should we do if the NTS-KE refuses to give us back that
> > ntpd server?
>
> The same as if you never get an answer from any other random server
> you tried to contact for whatever reason through a proxy.
But it DOES give you an answer back.
> There's
> nothing special about that situation just because you're using NTS.
Sure there is, we now have a choice that did not formerly exist, and I
can see uses for both:
1. If we do not get desired server: fail
2. If we do not get desired server: use the offered one instead
#2 is new to NTS.
For an unattended server, I would want #2. For testing, or a closely
watched server, I would want #1.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190130/44ac7904/attachment-0001.bin>
More information about the devel
mailing list