<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>
GitLab
</title>



<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">
<h3>
Hal Murray pushed to branch master
at <a href="https://gitlab.com/NTPsec/ntpsec">NTPsec / ntpsec</a>
</h3>
<h4>
Commits:
</h4>
<ul>
<li>
<strong><a href="https://gitlab.com/NTPsec/ntpsec/commit/b40b388a03a0b12276fe8c6d7ae16208673742ed">b40b388a</a></strong>
<div>
<span>by Hal Murray</span>
<i>at 2019-01-20T10:54:22Z</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Move configuration info to a new block.
</pre>
</li>
</ul>
<h4>1 changed file:</h4>
<ul>
<li class="file-stats">
<a href="#609c2c0b1eb27fef7a1a180c7fd078d2c4033c62">
devel/nts.adoc
</a>
</li>
</ul>
<h4>Changes:</h4>
<li id="609c2c0b1eb27fef7a1a180c7fd078d2c4033c62">
<a href="https://gitlab.com/NTPsec/ntpsec/commit/b40b388a03a0b12276fe8c6d7ae16208673742ed#609c2c0b1eb27fef7a1a180c7fd078d2c4033c62"><strong>devel/nts.adoc</strong></a>
<hr>
<table class="code white" style="font-family: monospace; font-size: 90%;" bgcolor="#fff" width="100%" cellpadding="0" cellspacing="0">
<tr class="line_holder match" id="" style="line-height: 1.6;">
<td class="diff-line-num unfold js-unfold old_line" data-linenumber="152" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">...</td>
<td class="diff-line-num unfold js-unfold new_line" data-linenumber="152" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">...</td>
<td class="line_content match " style="padding-left: 0.5em; padding-right: 0.5em; color: rgba(0,0,0,0.3);" bgcolor="#fafafa">@@ -152,32 +152,8 @@ making two calls to SSL_export_keying_material(), which implements</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="152" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
152
</td>
<td class="diff-line-num new_line" data-linenumber="152" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
152
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC152" class="line" lang="plaintext">RFC5705.  The label and context inputs are provided in 5.1.  This</span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="153" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
153
</td>
<td class="diff-line-num new_line" data-linenumber="153" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
153
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC153" class="line" lang="plaintext">process is deterministic, so both ends generate the same C2S and S2C.</span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="154" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
154
</td>
<td class="diff-line-num new_line" data-linenumber="154" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
154
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC154" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
155
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC155" class="line" lang="plaintext">The NTS-KE server SHOULD have a configuration parameter to specify</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="156" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
156
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC156" class="line" lang="plaintext">the TLS key, certificate, and intermediate certificate bundles.</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="157" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
157
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC157" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="158" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
158
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC158" class="line" lang="plaintext">The NTS-KE server MAY have a method to reload the key, certificate,</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="159" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
159
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC159" class="line" lang="plaintext">and intermediate certificate bundles without a full daemon restart.</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="160" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
160
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC160" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="161" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
161
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC161" class="line" lang="plaintext">The NTS-KE server SHOULD have a configuration parameter to specify</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="162" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
162
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC162" class="line" lang="plaintext">which TLS protocols are permissible.  Regardless of what is</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="163" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
163
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC163" class="line" lang="plaintext">configured, because the NTS specification relies on RFC 5705, and</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="164" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
164
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC164" class="line" lang="plaintext">also because it explicitly says so, TLS 1.3 is the minimum TLS</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="165" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
165
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC165" class="line" lang="plaintext">version allowed.</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="166" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
166
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC166" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="167" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
167
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC167" class="line" lang="plaintext">The NTS-KE server SHOULD provide a configuration paramter to</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="168" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
168
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC168" class="line" lang="plaintext">configure an OpenSSL cipher string for the TLS connection.</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="169" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
169
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC169" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="170" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
170
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC170" class="line" lang="plaintext">The NTS-KE server SHOULD provide a configuration paramter to</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="171" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
171
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC171" class="line" lang="plaintext">configure an OpenSSL cipher string for the AEAD algorithms.</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="172" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
172
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC172" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="173" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
173
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC173" class="line" lang="plaintext">By default, the NTS-KE server SHOULD honor the client's AEAD</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="174" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
174
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC174" class="line" lang="plaintext">algorithm ordering; that is, the NTS-KE server SHALL by default</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="175" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
175
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC175" class="line" lang="plaintext">choose the first of the client's AEAD algorithms that the server</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="176" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
176
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC176" class="line" lang="plaintext">also supports (after limiting by the server's configured cipher</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="177" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
177
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC177" class="line" lang="plaintext">string). However, the server SHOULD have a configuration parameter to</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="178" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
178
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC178" class="line" lang="plaintext">honor its cipher order which reverses this behavior, choosing the</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="179" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
179
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC179" class="line" lang="plaintext">first from the server's sorted list of algorithms that is also</span>
</pre>
</td>
</tr>
<tr class="line_holder old" id="" style="line-height: 1.6;">
<td class="diff-line-num old old_line" data-linenumber="180" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
180
</td>
<td class="diff-line-num new_line old" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content noteable_line old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC180" class="line" lang="plaintext">supported by the client.</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="181" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="155" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
155
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC155" class="line" lang="plaintext">The NTS-KE client passes C2S and S2C to the NTP client.  The NTS-KE</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="181" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="156" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
156
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC156" class="line" lang="plaintext">server uses them to make the initial cookies.</span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="181" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
181
</td>
<td class="diff-line-num new_line" data-linenumber="157" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
157
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC157" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="182" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
182
</td>
<td class="diff-line-num new_line" data-linenumber="158" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
158
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC158" class="line" lang="plaintext">The NTS-KE server then generates and returns 8 cookies using, for</span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="183" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
183
</td>
<td class="diff-line-num new_line" data-linenumber="159" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
159
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC159" class="line" lang="plaintext">example, the suggested format in section 6 of the NTS draft.  To do</span>
</pre>
</td>
</tr>
<tr class="line_holder match" id="" style="line-height: 1.6;">
<td class="diff-line-num unfold js-unfold old_line" data-linenumber="210" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">...</td>
<td class="diff-line-num unfold js-unfold new_line" data-linenumber="186" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">...</td>
<td class="line_content match " style="padding-left: 0.5em; padding-right: 0.5em; color: rgba(0,0,0,0.3);" bgcolor="#fafafa">@@ -210,6 +186,35 @@ data as well.  For the request, the encrypted data is empty.  For the</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="210" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
210
</td>
<td class="diff-line-num new_line" data-linenumber="186" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
186
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC186" class="line" lang="plaintext">response, it contains a new cookie (or cookies). AEAD also needs a nonce.</span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="211" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
211
</td>
<td class="diff-line-num new_line" data-linenumber="187" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
187
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC187" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="212" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
212
</td>
<td class="diff-line-num new_line" data-linenumber="188" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
188
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC188" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="189" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
189
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC189" class="line" lang="plaintext">== Configuration ==</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="190" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
190
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC190" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="191" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
191
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC191" class="line" lang="plaintext">By default, the NTS-KE server SHOULD honor the client's AEAD</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="192" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
192
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC192" class="line" lang="plaintext">algorithm ordering; that is, the NTS-KE server SHALL by default</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="193" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
193
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC193" class="line" lang="plaintext">choose the first of the client's AEAD algorithms that the server</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="194" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
194
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC194" class="line" lang="plaintext">also supports (after limiting by the server's configured cipher</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="195" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
195
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC195" class="line" lang="plaintext">string). However, the server SHOULD have a configuration parameter to</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="196" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
196
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC196" class="line" lang="plaintext">honor its cipher order which reverses this behavior, choosing the</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="197" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
197
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC197" class="line" lang="plaintext">first from the server's sorted list of algorithms that is also</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="198" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
198
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC198" class="line" lang="plaintext">supported by the client.</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="199" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
199
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC199" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="200" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
200
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC200" class="line" lang="plaintext">The NTS-KE server SHOULD have a configuration parameter to specify</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="201" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
201
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC201" class="line" lang="plaintext">the TLS key, certificate, and intermediate certificate bundles.</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="202" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
202
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC202" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="203" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
203
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC203" class="line" lang="plaintext">The NTS-KE server MAY have a method to reload the key, certificate,</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="204" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
204
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC204" class="line" lang="plaintext">and intermediate certificate bundles without a full daemon restart.</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="205" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
205
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC205" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="206" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
206
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC206" class="line" lang="plaintext">The NTS-KE server SHOULD have a configuration parameter to specify</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="207" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
207
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC207" class="line" lang="plaintext">which TLS protocols are permissible.  Regardless of what is</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="208" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
208
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC208" class="line" lang="plaintext">configured, because the NTS specification relies on RFC 5705, and</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="209" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
209
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC209" class="line" lang="plaintext">also because it explicitly says so, TLS 1.3 is the minimum TLS</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="210" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
210
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC210" class="line" lang="plaintext">version allowed.</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="211" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
211
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC211" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="212" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
212
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC212" class="line" lang="plaintext">The NTS-KE server SHOULD provide a configuration paramter to</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
213
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC213" class="line" lang="plaintext">configure an OpenSSL cipher string for the TLS connection.</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="214" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
214
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC214" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="215" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
215
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC215" class="line" lang="plaintext">The NTS-KE server SHOULD provide a configuration paramter to</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="216" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
216
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC216" class="line" lang="plaintext">configure an OpenSSL cipher string for the AEAD algorithms.</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="" style="line-height: 1.6;">
<td class="diff-line-num new old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="diff-line-num new new_line" data-linenumber="217" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
217
</td>
<td class="line_content new noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC217" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
213
</td>
<td class="diff-line-num new_line" data-linenumber="218" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
218
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC218" class="line" lang="plaintext">== Key Generation and Usage ==</span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="214" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
214
</td>
<td class="diff-line-num new_line" data-linenumber="219" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
219
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC219" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder" id="" style="line-height: 1.6;">
<td class="diff-line-num old_line" data-linenumber="215" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
215
</td>
<td class="diff-line-num new_line" data-linenumber="220" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
220
</td>
<td class="line_content noteable_line" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC220" class="line" lang="plaintext">NTS makes use of three keys:</span>
</pre>
</td>
</tr>

</table>
<br>
</li>

</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #777777;">

<br>
<a href="https://gitlab.com/NTPsec/ntpsec/commit/b40b388a03a0b12276fe8c6d7ae16208673742ed">View it on GitLab</a>.
<br>
You're receiving this email because of your account on gitlab.com.
If you'd like to receive fewer emails, you can
adjust your notification settings.
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://gitlab.com/NTPsec/ntpsec/commit/b40b388a03a0b12276fe8c6d7ae16208673742ed"}}</script>
</p>
</div>
</body>
</html>