[ntp:hackers] Protocol specification modification for MS-SNTP
abartlet at samba.org
Tue Jul 7 00:52:23 UTC 2009
On Mon, 2009-07-06 at 22:13 +0000, Dave Hart wrote:
> It would be preferable to me if we can manage to support both Autokey
> and Samba signing at the same time. I think the only concession
> needed is breaking every 2^128th autokey and MD5 signature where the
> hash happens to be all zeroes.
Aren't the odds that the universe would die a heat-death before this
> With care, even that should be
> avoidable if we treat a correctly-validated all-zeroes signature
> differently from one where our computed digest differs.
I suppose the real question is: will the autokey client retry with a
different signature after a short time?
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : https://lists.ntp.org/pipermail/hackers/attachments/20090707/70d7a0b7/attachment.bin
More information about the hackers