Splitting NTS-KE out from ntpd

[Hal Murray]

Thanks.

Gary said:
> It is not happening, just a request.  It seems to raise its hand every few
> weeks. 

I was trying to ask how/where/what you were hearing/seeing such requests?  
Mailing list?  usenet?  at the local pub?

If it's a place where I don't hang out, I would really appreciate it if you 
(and others) would relay that sort of market research to @devel where I will 
see, it will get archived, and we can discuss it and fold it into the 
priorities.


> The idea is that you want NTP on a bunch of servers, but only want your
> private keys on a very secure server.  Otherwise you have to manage TPM on
> every server, which is a PITA.

Seems like a reasonable request.  If you have a bunch of NTP servers, do you 
want to add a single point of failure?

Is anybody seriously interested, or is this just discussing corner cases?

I haven't worked with TPM.  How well does it work with OpenSSL?  Would our 
code have to change or do they magically cooperate without any help from our 
code?


-- 
These are my opinions.  I hate spam.