the MSNTP feature and author, Andrew Bartlett
Hal Murray
hmurray at megapathdsl.net
Mon May 25 06:35:38 UTC 2020
> bottom of docs/ntpsec.adoc
That's under Future directions.
It says:
> * Now that we have full Network Time Security, a near-future
> direction is to remove older insecure authentication methods (MAC
> and MS-SNTP).
I'd be happy to drop MS-SNTP, especially if we don't have any users.
I think it will be a long time before we drop shared-key (MAC) support. NIST
supports it. The (relatively) recent upgrade to use AES (RFC 8573, Jun 2019)
indicates that there is (was) interest. I think we should clean it up by
putting the MAC into an extension and drop the current MAC finding kludgery
(RFC 7822).
> I assume there are no reporting users? Would a blog entry help, in eliciting
> response?
A blog page seems like a good idea, especially if it says "tell us if you use
it" for MS-SNTP.
--
These are my opinions. I hate spam.
More information about the devel
mailing list