[ntp:hackers] ntp Authentification support for X.509v3 against
a Certificate Authority (CA)
Laatz, Erek
laatz at makdata.de
Wed Jun 21 14:44:50 UTC 2006
Danny,
thank you very much for your answer and the support adding Dave Mills to this
reply!
Unfortunately I have studied the ntp documentation of Dave Mills and also his
new book 'Computer Network Time Synchronization - The Network Time Protocol' (I
would tell you - it's a strong and long way to get it here in Germany) but I
found no hint on how to configure this special topic.
Usual autokey (IFF) with self generated X.509v3 certificates works fine in our
test environment!
Erek
Erek Laatz
Danny Mayer wrote:
> Laatz, Erek wrote:
>> Dear all,
>>
>> we want to set up a larger environment for around 60 NTP servers in Germany.
>> All these hosts will have the ability to use system specific X509v3
>> certificates issued by a CA. Our idea is to use these certificates also for ntp
>> authentification as we have the requirement to use some kind of
>> authentification within the ntp installations.
>>
>> I've looked in several sources but found no idea how to realize a certificate
>> verification against a CA, even found no special hint on how to realize it
>> within the autokey protocol.
>>
>> Is there anyone who have an idea how to realize a X.509v3 certificate
>> verification against a CA?
>>
>> Best gregards, Yours
>>
>> Erek
>
> Dave Mills is the best person to answer these questions but he's not on
> this list, so I have added him to this reply. Have you looked at the
> autokey protocol for details about how it works?
>
> Danny
>
More information about the hackers
mailing list