ntp.conf changes for NTS
Gary E. Miller
gem at rellim.com
Thu Jan 31 21:53:51 UTC 2019
Yo Achim!
On Thu, 31 Jan 2019 19:33:49 +0100
Achim Gratz via devel <devel at ntpsec.org> wrote:
> Gary E. Miller via devel writes:
> >> The same as if you never get an answer from any other random server
> >> you tried to contact for whatever reason through a proxy.
> >
> > But it DOES give you an answer back.
>
> Optionally, yes. I think this part of the RFC is poorly thought out,
> I'd prefer if the NTS-KE just straight failed if the server you
> specified is not available.
I'm not sure why it has to be in the NTS-KE server. The client is free
to accept or reject the offered NTPD server.
> Which is however an option the
> implementer of the NTS-KE could chose.
Nut the NTS-KE does not care, so it has no basis to choose.
> The client has to deal with
> either response, but again does not need to accept the offered
> server, up for us to chose as default behaviour.
So, back to how we update ntp.conf to encode "ask" and "require".
I think the current proposal works:
nts nts-ke.example.com
nts nts-ke.example.com ask ntp.example.com
nts nts-ke.example.com require ntp.example.com
Maybe expanded to ask for 3 pool servers:
nts nts-ke.example.com pool 3
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190131/f6719aac/attachment.bin>
More information about the devel
mailing list