[ntp:questions] Re: requestor's time; transmit timestamp?

roy roy at suespammers.org
Tue Nov 29 04:42:27 UTC 2005


Brian Utterback wrote:
> It is not a convention. It is a requirement of the protocol. Contrary
> to the statement made at the URL, it does nothing to improve the
> security while at the same time breaking the protocol. Using this
> "feature" destroys the symmetric peer mode, which requires that the
> time flow both ways.

Brian, I agree with you.  According to RFC 2030, the Originate
Timestamp is client's time, not some arbitrary value.  But OpenNTPD
only implements part of RFC 2030, so it is not even a full SNTP
implementation.  As far as I can tell, it does not support anything but
unauthenticated unicast association.  Symmetric peer mode was never
implemented, so they really don't care that their 64-bit cookie hack
breaks it.

Sigh...


roy




More information about the questions mailing list