[ntp:questions] IFF autokey issue
Steve Kostecke
kostecke at ntp.isc.org
Tue May 8 18:40:36 UTC 2007
On 2007-05-08, Garrett Wollman <wollman at bimajority.org> wrote:
> In article <slrnf40t8c.m6.kostecke at stasis.kostecke.net>,
> Steve Kostecke <kostecke at ntp.isc.org> wrote:
>
>>I'm not sure why you would consider the server's trusted host parameters
>>to be "unauthentic".
>
> And they are made "trusted" by simply asserting that they are so
> (i.e., by setting a bit in a self-signed "certificate")?
There is no Central Scrutinizer who decrees whether or not a server is
"authentic" or "trusted".
The entity generating the host parameters marks them as trusted by using
the '-T' switch during the generation process. Who should perform this
task for a particular application is a policy decision, not an
implementation decision.
--
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/
More information about the questions
mailing list