What's left to doo on NTS
Hal Murray
hmurray at megapathdsl.net
Sat Mar 2 03:55:15 UTC 2019
Gary said:
> It is missing key rotation. Also how to share keys between standalone NTS-KE
> and NTPD.
Why do we need a standalone NTS-KE server?
> Gary said:
> "noval" is not mostly for debugging. It is essential for off network
> operation.
I don't understand that use case. Without checking the certificate, you have
no real security.
> Have you tested NTS-KE and NTPD on different hosts, talking to each other?
Yes. NetBSD and FreeBSD too.
> How about multipls NTS-KE and NTPD in a cluster?
Nope. I've been assuming things like that are stage 2. I've been working on
stage 1.
--
These are my opinions. I hate spam.
More information about the devel
mailing list