NTS Wildcard Certificates
Hal Murray
hmurray at megapathdsl.net
Mon Nov 18 06:59:52 UTC 2019
rlaager at wiktel.com said:
> Does commit 74308fa20545ae1b34708ec06e38ea244dda7c54 disable the use of
> wildcard certificates for NTS? If so, why was that done?
Looks that way. No specific reason. I was just cleaning up and tightning
things down. It seems like it would make things slightly more secure. The
bad guy who wants to play MITM now has to break into your time server.
Breaking into one of its friends isn't good enough.
What did I break? What's the use case for using wildcards? How often are
they used?
Do we want to just remove that line, or add a config file option to set or
not-set it?
--
These are my opinions. I hate spam.
More information about the devel
mailing list