[ntp:hackers] Re: NTP and leap-seconds

Tim Shoppa shoppa at trailing-edge.com
Tue Jul 4 00:22:04 UTC 2006

"David L. Mills" <mills at udel.edu> wrote:
> Having come this far, what is your security model for the leapsecond 
> table? Is it more or less secure than the symmetric/public key 
> cryptographic model? This is not to blow off your suggestion, just to 
> suggest the security model needs to be addressed.

David -
  I have often wondered about the somewhat ponderous Autokey model
for NTP crypto. While it's not the most onerous thing to set up,
it is not as easy as just putting in 3 or 4 nameservers into ntp.conf
and letting it run.

  It seems to me that the non-crypto DNS root zone file distribution
methods are less top-heavy (if less secure) and seem to work well.

  In fact if we could distribute the leapsecond table via DNS
it seems like it'd kill multiple birds with one stone.

  I also realize that crypto is now intertwined into DNS in at least
some installations. And also that system time (and thus NTP) is
itself used to seed some crypto methods. Makes for a pretty tangled
knot if I think too hard!

  Dave, would I be too far off to guess that most of the Autokey
stuff was added to satisfy some mil or gov't requirement?


