[security at ntpsec.org] Bug#964395: Does CVE-2020-13817 affect ntpsec?

Hal Murray hmurray at megapathdsl.net
Fri Aug 14 09:45:21 UTC 2020

> There is also this (which you forwarded to this list) which might help:
> https://datatracker.ietf.org/doc/draft-ietf-ntp-port-randomization/

> What's the status of that in NTPsec? I presume "not implemented", but is it
> planned? 

Correct on the "not implemented".

I have no plans.  It's not hard, but it's not easy.  Ballpark of a weekend if 
there weren't any interruptions.  I was ignoring it until the NTS RFC comes 

These are my opinions.  I hate spam.

More information about the devel mailing list