NTS update

Hal Murray hmurray at megapathdsl.net
Wed Mar 20 23:00:55 UTC 2019


Gary said:
>>> Only if you figure out how to not have a huge daily rush to rekey.
>> Under normal conditions, there is never any need to rekey.
> We've gone around on that many times before.  We disagree.
> Using the same master key (with a ratchet) will eventually give the attacker
> enough data to crack it.  Maybe a long, long time, but in crypto a long,
> long time always comes much sooner than expected.

We've got word troubles here.  I was using "rekey" in the sense of using 
NTS-KE to get new cookies since that seemed to be what you used it for.

If you want to have a discussion about ratchet, we can do that.  Please start 
a new thread.  The crypto details are above my pay grade.  The current code 
uses random, but I think the code is set up so it would be easy to switch to 
ratchet.


> So no ratchet?  That would then be a rekey.  A rekey not needing the NTS-KE. 

The client doesn't know anything about ratchet or anything else about the 
cookies.

As long as the old cookies on the client are used in NTP packets soon enough 
and hence traded in for new cookies, there is no need for a NTS-KE type rekey.


-- 
These are my opinions.  I hate spam.
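The cookie turnover described in the message above, as an added worked example (my own code, not ntpsec's): a server holds a ring of random cookie master keys and a client holds a supply of opaque cookies, spending the oldest one on each NTP poll and receiving fresh ones minted under the server's current key. The client never needs the NTS-KE channel again unless a cookie it presents was minted under a key the server has already retired. Everything here is assumed for illustration: the cookie layout (key id, nonce, encrypt-then-MAC body built from HMAC-SHA256 as a stand-in for a real AEAD), the supply of 8 cookies, the `history` window of accepted key generations, and the `simulate` driver with its "poll"/"rotate" schedule are not the project's format or API.

```python
"""Toy model of NTS cookie turnover (added example, not ntpsec code).
Shows when an NTS-KE run is needed: only when a client's cookies go stale."""
import hmac
import os
import struct

COOKIE_SUPPLY = 8   # cookies a client keeps on hand (assumed)
KEY_LEN = 32        # length of each c2s / s2c key carried inside a cookie
TAG_LEN = 32        # HMAC-SHA256 tag length


def _keystream(key, nonce, length):
    # Counter-mode keystream from HMAC-SHA256; stand-in for a real AEAD cipher.
    out, ctr = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), "sha256").digest()
        ctr += 1
    return out[:length]


class Server:
    """Server-side cookie keys. `history` = key generations still accepted,
    the current one included (assumed parameter)."""

    def __init__(self, history=3):
        self.history = history
        self.keys = {}      # key id -> random master key
        self.current = 0
        self.rotate()

    def rotate(self):
        # New key is random (as the message says the current code does),
        # not ratcheted from the previous one. Old generations are dropped.
        self.current += 1
        self.keys[self.current] = os.urandom(32)
        for kid in [k for k in self.keys if k <= self.current - self.history]:
            del self.keys[kid]

    def _subkeys(self, kid):
        master = self.keys[kid]
        return (hmac.new(master, b"enc", "sha256").digest(),
                hmac.new(master, b"mac", "sha256").digest())

    def make_cookie(self, c2s, s2c):
        # Cookie = key id || nonce || encrypted(c2s || s2c) || tag
        kid = self.current
        enc, mac = self._subkeys(kid)
        nonce = os.urandom(16)
        body = c2s + s2c
        ct = bytes(a ^ b for a, b in zip(body, _keystream(enc, nonce, len(body))))
        hdr = struct.pack(">I", kid) + nonce
        return hdr + ct + hmac.new(mac, hdr + ct, "sha256").digest()

    def open_cookie(self, cookie):
        kid = struct.unpack(">I", cookie[:4])[0]
        if kid not in self.keys:
            return None                    # key retired: cookie is stale
        enc, mac = self._subkeys(kid)
        hdr, ct, tag = cookie[:20], cookie[20:-TAG_LEN], cookie[-TAG_LEN:]
        if not hmac.compare_digest(tag, hmac.new(mac, hdr + ct, "sha256").digest()):
            return None                    # forged or corrupted
        body = bytes(a ^ b for a, b in zip(ct, _keystream(enc, hdr[4:], len(ct))))
        return body[:KEY_LEN], body[KEY_LEN:]

    def handle_ntp(self, cookie, want):
        """Consume one cookie; return `want` fresh ones under the current key,
        or None (a NAK) if the presented cookie cannot be opened."""
        keys = self.open_cookie(cookie)
        if keys is None:
            return None
        c2s, s2c = keys
        return [self.make_cookie(c2s, s2c) for _ in range(want)]


class Client:
    def __init__(self):
        self.cookies, self.nts_ke_runs, self.naks = [], 0, 0

    def nts_ke(self, server):
        # Stand-in for the NTS-KE TLS exchange: fresh c2s/s2c keys plus a full
        # cookie supply. The client never looks inside a cookie.
        self.nts_ke_runs += 1
        c2s, s2c = os.urandom(KEY_LEN), os.urandom(KEY_LEN)
        self.cookies = [server.make_cookie(c2s, s2c) for _ in range(COOKIE_SUPPLY)]

    def poll(self, server):
        """One NTP poll. Returns True if the first attempt was accepted."""
        if not self.cookies:
            self.nts_ke(server)
        cookie = self.cookies.pop(0)       # spend the oldest cookie first
        fresh = server.handle_ntp(cookie, COOKIE_SUPPLY - len(self.cookies))
        if fresh is None:
            # NAK: the remaining cookies are at least as old, so re-run NTS-KE
            # (the "rekey" in the NTS-KE sense) and retry with a new cookie.
            self.naks += 1
            self.nts_ke(server)
            fresh = server.handle_ntp(self.cookies.pop(0), 1)
            self.cookies.extend(fresh)
            return False
        self.cookies.extend(fresh)
        return True


def simulate(schedule, history=3):
    """Run a list of "poll" / "rotate" events; return (nts_ke_runs, naks)."""
    server, client = Server(history), Client()
    for event in schedule:
        if event == "poll":
            client.poll(server)
        elif event == "rotate":
            server.rotate()
    return client.nts_ke_runs, client.naks
```

The caveat this makes visible: a cookie minted at one poll is not spent until `COOKIE_SUPPLY` polls later, so the server's key retention window must cover that many polls' worth of rotations. With a regular polling client and a window of three generations, `simulate` reports a single NTS-KE run for the whole schedule; shrink the window to two generations with the same rotation rate, or let the client sit idle across three rotations, and every stale cookie costs a NAK plus another NTS-KE run.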
