[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gpsd-dev] Moving ntpd to an open VCS

From: Gary E. Miller
Subject: Re: [gpsd-dev] Moving ntpd to an open VCS
Date: Mon, 28 Oct 2013 11:14:41 -0700

Yo Greg!

On Mon, 28 Oct 2013 07:25:20 -0400
Greg Troxel <address@hidden> wrote:

> Hal Murray <address@hidden> writes:
> > There is an interesting chicken-egg tangle here.
> It's actually a very hard problem.
> To authenticate a time server, one needs to check some sort of
> certificate and check the expiration/valid times (or else there is no
> means of revocation).

I musta missed something, when did ntpd servers start using certificates??
I see nothing about that in the ntpd man page.

> In addition, one needs to be very clear on whether the mechanisms used
> to secure the routing infrastructure (e.g. OSPF MD5, IPsec for OSPF,
> etc.) need time to function.   This leads to a hierarchy of how the
> entire network system is bootstrapped.

Yes, that is the bigger problem.  Which is why I always try to hard code
the basics as much as possible.  Core network autoconfig at boot time is
always a loser.

Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
        address@hidden  Tel:+1(541)382-8588

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]