[ntp:hackers] UDel security

Steve Kostecke kostecke at ntp.isc.org
Mon May 16 05:52:41 PDT 2005


"David L. Mills" said:

>Steve Kostecke wrote:
>
>>My IFF key request page is at https://ntp.isc.org/crypto.php
>
>I saw your key page. It certainly does what is needed to fetch the key,
>but the key is for only one machine.

That key request page is intended to be operated by the Time Server
Operator. A CA would use a different approach.

>My hope would be to have the duly authorized server administrator
>upload the script including the key as part of name server list
>maintenance and clients be able to retrieve it as part of the
>lookup-name-select process. The client selects the password, which is
>presumably a different secret for every client.

The time server operators would have to provide both their IFFpar
file _and_ their crypto password to make it possible for us to export
the "group/client key" (IFFkey) encrypted with each client's password.

How many time server operators would be willing to entrust us with this
information?

>All private key files, including the host key, sign key and group key,
>are stored in encrypted form using a password. Without the password
>they are of no use if stolen and used on another machine, either in or
>out of the group.

Theft of the "group/client key" is not the issue. The problem is that
because the exported "group/client key" is not bound to something such
as the user's IP address, there is nothing preventing an authorized user
from giving the group key and password to someone else.

>Note that it is very likely that a client/server will have multiple
>keys for different groups.

And each ntpd will have its own crypto password. That's why we need to
be able to export "group/client keys" on-the-fly.

>I see on the primary server list that the contact person is listed for
>all primary servers except the ones I administer. I am listed on the old
>lists from here. That doesn't matter; everybody knows who those servers
>belong to.

That was a deliberate omission to respect your wishes regarding
unnecessary dissemination of your e-mail address.

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project http://ntp.isc.org/
Public Key at http://ntp.isc.org/Users/SteveKostecke
