Tangle - cookie keys file
Gary E. Miller
gem at rellim.com
Thu Mar 7 20:17:49 UTC 2019
Yo Achim!
On Thu, 07 Mar 2019 21:13:47 +0100
Achim Gratz via devel <devel at ntpsec.org> wrote:
> Hal Murray via devel writes:
> > They are needed to use old cookies after restarting ntpd.
>
> I'd not go there. If you do a cold restart, you lose the
> cryptographic state, end of story.
Now imagine you are running ntpd for NIST, and you just did a restart.
Your 200k NTP requests per second now all stopped dead, and started
hammering on your NTS-KE server. Game over, you are dead.
> > A side benefit is that it enables something like a KE server for a
> > pool.
Once again. let's ignore the pool for now...
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190307/fcdbbc90/attachment.bin>
More information about the devel
mailing list