[ntp:questions] Re: server's address in ntp payload?

Brian Utterback brian.utterback at sun.removeme.com
Mon Nov 21 13:23:11 UTC 2005


Danny Mayer wrote:
> David Schwartz wrote:
> 
>>"Danny Mayer" <mayer at gis.net> wrote in message 
>>news:437D4371.2090004 at gis.net...
>>
>>
>>
>>>No it is not a flaw in the protocol design. It would be if it were put
>>>in. The address doesn't belong there, it belongs in the IP header which
>>>the receiving server always gets.
>>
>>
>>    It is a flaw. Its absence requires the receiver to assume that the 
>>origin address of the UDP packet received is the IP address of the sending 
>>server. This assumption may or may not be correct. But if the address were 
>>in there, the assumption would not be needed.
>>
> 
> 
> Absolutely not. That would be a layering violation. Verification is done
> through key exchange and the MAC section in the NTP packet.

If that is a layering violation, then why do you need to know both the
source and destination address of each NTP packet to authenticate it?


-- 
blu

"Having them stolen may become our distribution model..."
Nicolas Negroponte on the Hundred Dollar Laptop.
----------------------------------------------------------------------
Brian Utterback - OP/N1 RPE, Sun Microsystems, Inc.
Ph:877-259-7345, Em:brian.utterback-at-ess-you-enn-dot-kom




More information about the questions mailing list