[ntp:hackers] ntp Authentification support for X.509v3 against a Certificate Authority (CA)

Laatz, Erek laatz at makdata.de
Wed Jun 21 14:44:50 UTC 2006


Danny,

thank you very much for your answer and the support adding Dave Mills to this
reply!
Unfortunately I have studied the ntp documentation of Dave Mills and also his
new book 'Computer Network Time Synchronization - The Network Time Protocol' (I
would tell you - it's a strong and long way to get it here in Germany) but I
found no hint on how to configure this special topic.

Usual autokey (IFF) with self generated X.509v3 certificates works fine in our
test environment!

Erek




Erek Laatz

Danny Mayer wrote:
> Laatz, Erek wrote:
>> Dear all,
>>
>> we want to set up a larger environment for around 60 NTP servers in Germany.
>> All these hosts will have the ability to use system specific X509v3
>> certificates issued by a CA. Our idea is to use these certificates also for ntp
>> authentification as we have the requirement to use some kind of
>> authentification within the ntp installations.
>>
>> I've looked in several sources but found no idea how to realize a certificate
>> verification against a CA, even found no special hint on how to realize it
>> within the autokey protocol.
>>
>> Is there anyone who have an idea how to realize a X.509v3 certificate
>> verification against a CA?
>>
>> Best gregards, Yours
>>
>> Erek
> 
> Dave Mills is the best person to answer these questions but he's not on
> this list, so I have added him to this reply. Have you looked at the
> autokey protocol for details about how it works?
> 
> Danny
> 


More information about the hackers mailing list