ntp.conf changes for NTS
Gary E. Miller
gem at rellim.com
Wed Jan 30 23:14:28 UTC 2019
Yo Richard!
On Wed, 30 Jan 2019 16:59:28 -0600
Richard Laager via devel <devel at ntpsec.org> wrote:
> There's another complication too. The server can send back a name or
> an IP address. What happens if the client request contains a name and
> the server's response contains an IP? That might be a match (e.g. if
> the client performs an A/AAAA lookup for the name it requested, it
> gets back that IP in the response) or it might not.
Yup. As the proposed RFC says: OPTIONAL.
> I think it would be useful to understand the use case(s) for the
> client requesting a specific server vs the use case(s) for a user
> configuring the client to request a specific server.
Isn't the client the also the user. So both cases the same?
I see two reasons to request a specific server.
1. I'm an admin, and I want to test/monitor each NTPD server than
an NTS-KE is serving for.
2. I'm picky, and I want a specific close by server instead of another
one managed by the same NTS-KE that is far away.
For #1 I would insist on the specific NTPD server.
For #2 I would prefer the specific NTPD server, but accept what I
can get.
> Or, you can punt this all to the user by offering both choices:
>
> nts nts-ke.example.org
> ^^ Accepts whatever is returned.
>
> nts nts-ke.example.org ask ntpd.example.org
> ^^ Sends an explicit request. Accepts whatever is returned.
>
> nts nts-ke.example.org require ntpd.example.org
> ^^ Sends an explicit request. If not mirrored back exactly, stop.
I like it.
> Here's another wrinkle. Does the first example, "nts
> nts-ke.example.org", send a request for "nts-ke.example.org"? I think
> it should.
Why? In the first choice I just want any old chimer.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190130/7d942129/attachment-0001.bin>
More information about the devel
mailing list