Knob: certificates for NTS-KE vs web

[Hal Murray]

I think I've figured out why I think my knob is interesting.

For the web, there are zillions of clients, most non-technical.  A client is 
likely to connect to many servers, often new/different ones on different days. 
 It all has to just work, straight out of the box.

For NTS-KE, an at least somewhat technical admin sets things up.  A client 
will only ever contact the few servers that are explicitly configured by the 
admin.  The S in NTS-KE is security.  It seems reasonable to me for the admin 
setting things up, or at least some of them, to be willing to spend a bit of 
time making things more secure.

My knob is a tiny step in that direction.

I think we need a man/web page to cover this area.  What can an admin do to 
make things more secure?

I'm far from a security wizard.  The biggest risk that I can see is the root 
server collection that comes packaged with most distros.  We should be able to 
write a script that figures out what cert in the root collection each server 
needs.  I've poked a bit in that area, but don't have a recpie yet

---------

Note that NTS doesn't tell you anything about the quality of the time you will 
get, just that you will get it (probably) from the site you expect to get it 
from rather than from a bad guy doing some sort of MITM attack.


-- 
These are my opinions.  I hate spam.