What's left to doo on NTS.

Kurt Roeckx kurt at roeckx.be
Sun Mar 3 11:52:31 UTC 2019


On Sat, Mar 02, 2019 at 09:23:51PM -0800, Hal Murray via devel wrote:
> *) There is actually one interesting point that authentication makes more 
> interesting.  On receive, we get a time stamp when the packet arrives.  We can 
> take all day to inspect the packet and run authentication code.  On transmit, 
> we grab the time and put it in the packet.  All the delays between then and 
> when the packet hits the wire are contributing to a misleading time stamp.  
> Authentication code is on that path.  The same thing happens on both client 
> and server.  If they are similar CPUs, the offsets should cancel.  If not, ... 
>  I think we can measure this by comparing IPv4 and IPv6 with NTS on one.

If this is something you're worried about, this can be solved with
the interleave mode, which was removed.


Kurt



More information about the devel mailing list