[ntp:questions] Re: "Listen on" semantics
maarten at kittensandcats.net
Mon Sep 25 14:23:15 UTC 2006
"Danny Mayer" <mayer at ntp.isc.org> wrote in message
news:4515FCC3.109 at ntp.isc.org...
> Maarten Wiltink wrote:
>> At this point, people will shriek 'that's an SNTP server! Not NTP!'
>> But is it? What's the difference? The current definition seems to
>> be that to be an NTP server, you have to implement the client
>> functionality (the math) yourself. I think it's more important _that_
>> the math is being done. _Where_ is not that important.
> No, that's not true. The receiving end MUST be the one doing the math.
I meant which process at the receiving end. It might be the client part
even though the server part would be the one claiming 'it _is_ being
>>> OpenBSD's OpenNTP was, as I recall (and IMO), originally a
>>> malignantly broken SNTP implementation.
>> Malignantly, no less? Come off it. Sure, they made mistakes, but that
>> wasn't the intent. The intent was to build something with no exploits.
>> If the question is what comes first, working right or not getting
>> rooted, well, they _are_ OpenBSD.
> Which means absolutely nothing. People don't set up to create buggy
> or exploitable code.
No. But some people actively set up to create code with no exploits.
> [...] On top of that even if the code is not exploitable it doesn't
> mean that it's correct.
People don't set up to create incorrect code, either. NTP is not
without bugs. OpenBSD is not without holes. (For humility, guess which
one is closer.)
>> (Wouldn't a client-mode real NTP, combined with an OpenSNTP server,
>> be the ideal configuration?)
For answering a tongue-in-cheek rhetorical question... no points.
More information about the questions