[ntp:hackers] A stop-gap authenticated time service

Terje Mathisen terje at tmsw.no
Mon Nov 16 00:45:36 UTC 2015


Poul-Henning Kamp wrote:
> --------
>
> Here is a summary of the very crude proof-of-concept experiment
> I left simmering the last week:
>
> 	http://phk.freebsd.dk/time/20151115.html
>
To me this seems like an invitation to advocate bare-bones HTTPS service 
on as many pool servers as possible, the cheapest way to achieve this 
would be to make the pool a CA, i.e. avoiding the cost of normal 
Verisign etc certificates.

This ntp CA would of course be compiled in to our code so that it would 
be valid for this special form of sanity checking.

OTOH, what's wrong with just doing the same thing for authenticating 
normal ntp requests.

If we limit the certificates we issue to hosts that have been part of 
the pool for at least N months and behaved well during that period, it 
would make it extremely hard to take over a plurality of the selected 
sources.

(This obviously requires pool.ntp.org to support DNSSEC!)

Terje

-- 
- <Terje at tmsw.no>
"almost all programming can be viewed as an exercise in caching"



More information about the hackers mailing list