What's left to doo on NTS.
Gary E. Miller
gem at rellim.com
Sun Mar 3 22:45:18 UTC 2019
Yo Hal!
On Sat, 02 Mar 2019 22:45:05 -0800
Hal Murray via devel <devel at ntpsec.org> wrote:
> Gary said:
> >> Which ones do you intend to relax? And in any case you don't need a
> >> whole CA, you can pin a self-signed cert and still do full
> >> validation on it.
> > Except we can't. The current NTPsec code does not support any cert
> > fanciness.
>
> For some value of "any" or "fancy".
Good we agree. Too early to be fancy, but soon we must.
> You can provide a list of trusted certificates. That's how I've been
> testing with self signed certs.
Many people dont bother to finish the whole self signed process.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190303/6d434cdb/attachment.bin>
More information about the devel
mailing list