[ntp:questions] Re: server's address in ntp payload?

Danny Mayer mayer at ntp.isc.org
Sun Nov 27 01:57:09 UTC 2005


David Schwartz wrote:
> 
>     I think using the IP addresses in the crypto code is pretty bone-headed 
> anyway, assuming you rely on it in any way. You should use a public key 
> identifier, not an IP address. Using it as quick 'which endpoint *might* I 
> be talking to' or '*might* this be from the same host I was talking to 
> before' is fine. But you should never rely on it.
> 

I'm not going to respond to the rest of this as the two of you have
gotten way off topic. The newsgroup is about NTP and not UDP.

The above makes a basic erroneous assumption aout how autokey works. It
doesn't work the way you think. The IP Addresses are just two
ingredients in creating the protocol, not the only ones. You really need
to read how it works before you criticize what it uses.

Danny




More information about the questions mailing list