[ntp:questions] IFF autokey issue

Steve Kostecke kostecke at ntp.isc.org
Tue May 8 18:40:36 UTC 2007


On 2007-05-08, Garrett Wollman <wollman at bimajority.org> wrote:
> In article <slrnf40t8c.m6.kostecke at stasis.kostecke.net>,
> Steve Kostecke  <kostecke at ntp.isc.org> wrote:
>
>>I'm not sure why you would consider the server's trusted host parameters
>>to be "unauthentic".
>
> And they are made "trusted" by simply asserting that they are so
> (i.e., by setting a bit in a self-signed "certificate")?

There is no Central Scrutinizer who decrees whether or not a server is
"authentic" or "trusted".

The entity generating the host parameters marks them as trusted by using
the '-T' switch during the generation process. Who should perform this
task for a particular application is a policy decision, not an
implementation decision.

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/




More information about the questions mailing list