What's left to doo on NTS.
Gary E. Miller
gem at rellim.com
Sat Mar 2 04:41:25 UTC 2019
Yo Daniel!
On Fri, 1 Mar 2019 21:26:15 -0500
Daniel Franke <dfoxfranke at gmail.com> wrote:
> On Fri, Mar 1, 2019 at 7:01 PM Gary E. Miller via devel
> <devel at ntpsec.org> wrote:
> > "noval" is not mostly for debugging. It is essential for off
> > network operation.
>
> There's no point in doing NTS if you're not doing certificate
> validation. The result isn't any more secure than unauthenticated NTP.
There is validation, and there is validation. Without some relaxation
of the validation rules you can't run in a private net without doing
your own CA.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190301/7c6c52ea/attachment.bin>
More information about the devel
mailing list