NTS update
Gary E. Miller
gem at rellim.com
Wed Mar 20 23:56:06 UTC 2019
Yo Hal!
On Wed, 20 Mar 2019 16:53:05 -0700
Hal Murray via devel <devel at ntpsec.org> wrote:
> >> As long as the old cookies on the client are used in NTP packets
> >> soon enough and hence traded in for new cookies, there is no need
> >> for a NTS-KE type rekey.
>
> > Yeah, I had missed that. So I agree your concept looks good so
> > far.
>
> Not my concept. Straight out of the book. (draft?)
No, the draft suggest s ratchet. You are not doing a ratchet.
> > But the NTS-KE master key (K) has to match the NTPD master key (K).
> > So they are one and the same effect.
>
> That's easy when they are running in the same process.
And hard when we have to go beyond that. Remember the use case is
one NTS-KE to many NTPD.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190320/d879b9f1/attachment.bin>
More information about the devel
mailing list