[ntp:questions] Re: Crypto iffpar

Serge Bets serge.bets at NOSPAM.laposte.invalid
Wed Dec 21 11:27:17 UTC 2005

 On Saturday, December 17, 2005 at 6:17:28 +0000, Steve Kostecke wrote:

> In that message I omitted the fact that the client, _at_ _that_
> _time_, had an IFFpar file so that it could serve authenticated time
> to another system.

Climbing up the thread, in that message and since then you said:

>>>>>>> files in the client's /etc/ntp: [no ntpkey_iff_stasis]
>>>>>>> [1st cryptostats]
>>>>>>> 53712 65898.557 ntpkey_IFFpar_stasis.3342803910 mod 384
>>>>> No, I don't. Please re-read my previous article; that line you
>>>>> quoted above is from a much older article.
>>>>> Those tests were performed with 'stasis' configured purely as a
>>>>> unicast client of 'ntp0'.
>>> No. I really don't
>>> [2nd cryptostats]

And you call that an "omitted fact"? Nice terminology. I would have
naively called that a voluntary propagation of misleading informations
in the intent to hide a previous mistake. But your wording is way
better. While at it you should have dared to suggest that there is
confusion on my side... Hey, wait a second. Bravo, you've done it:

>>> You may be confused by the fact the one of my sets of results was
>>> generated while stasis was configured to serve authenticated time to
>>> a third host.

> The existence of this IFFpar file is [...]

The heart of the ConfiguringAutokey problem. The main reason of this
whole debate. The *only* single point of disagreement between us. There
are other disagreements, but they are only secondary consequences of
this one single point, and they will mostly self-dissolve once the truth

>> What means this 0x2 at certificate loading?

Thank you for the informations.

> Here's yet another extract. For this one I regenerated the client
> parameters with 'ntp-keygen -H -p .....' to make sure that we're using
> "strict client" host parameters.

Thanks. Very odd 3rd cryptostats, I don't understand it:

- Your 1st cryptostats was similar to mine when I have added a
  ntpkey_iff_Client to be loaded at startup.

- Your 2nd cryptostats was similar to mine when I have added a
  "crypto ident iff" ntp.conf statement.

- This 3rd cryptostats doesn't look like anything I ever saw. What is
  it? Not client mode I suppose?

Serge point Bets arobase laposte point net

More information about the questions mailing list