NTS: config and initialization
Richard Laager
rlaager at wiktel.com
Fri Mar 8 20:50:38 UTC 2019
On 3/8/19 1:42 PM, Gary E. Miller via devel wrote:
> Is /etc/ssl/certs somewhat standard? at least for the root certs?
Somewhat, but I don't know to what extent the contents of it are standard.
Here's a proposal off the top of my head:
1) server private key = SYSCONFDIR/ntp/nts.key
2) server certificate = SYSCONFDIR/ntp/nts.crt
3) cookie key file = LOCALSTATEDIR/lib/ntpkeys
Where SYSCONFDIR would be /etc and LOCALSTATEDIR would be /var in a
distro-package on Linux.
LOCALSTATEDIR normally defaults (in GNU [0]) to PREFIX/var and thus
/usr/local/var. If you want to default it to /var/local for better FHS
compliance, that would work too.
[0] https://www.gnu.org/prep/standards/html_node/Directory-Variables.html
--
Richard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190308/d6f41a99/attachment.bin>
More information about the devel
mailing list