Next release

Richard Laager rlaager at
Wed Nov 20 19:11:34 UTC 2019

On 11/20/19 6:32 AM, Hal Murray via devel wrote:
> What is the long term importance of shared keys?  (old authentication)  Is it 
> useful/important to have a backup that doesn't use OpenSSL and doesn't depend 
> on certificates?  (we do use their crypto library)

I don't use them, so that biases my opinion. That said, I think it
should go away at some point in favor of NTS. However, there are a
couple of concerns that I can think of:

1) Shared key authentication does not have the time-based bootstrapping
problems relating to certificate validation that NTS does. At a minimum,
we need to implement something there. I've made a proposal previously.

2) Important time services (e.g. NIST and the like) supposedly offer
shared-key time service. Unless/until they support NTS, it may not be an
alternative if people want traceability to official time.


More information about the devel mailing list