What's left to doo on NTS

Hal Murray hmurray at megapathdsl.net
Sat Mar 2 03:55:15 UTC 2019


Gary said:
> It is missing key rotation.  Also how to share keys between standalone NTS-KE
> and NTPD.

Why do we need a standalone NTS-KE server?

> Gary said: 
> "noval" is not mostly for debugging.  It is essential for off network
> operation. 

I don't understand that use case.  Without checking the certificate, you have 
no real security.


> Have you tested NTS-KE and NTPD on different hosts, talking to each other?

Yes.  NetBSD and FreeBSD too.


> How about multipls NTS-KE and NTPD in a cluster? 

Nope.  I've been assuming things like that are stage 2.  I've been working on 
stage 1.




-- 
These are my opinions.  I hate spam.





More information about the devel mailing list