[ntp:questions] Authentication

Hal Murray hal-usenet at ip-64-139-1-69.sjc.megapath.net
Tue Mar 20 06:01:36 UTC 2007

>>> Many sites run without authentication.  Others need to be able to prove
>>> that their time stamps are traceable to NIST or some comparable national
>>> standards agency in another country.  Such sites need authentication.

>> How many of the national standards laboratories support authentication?

>> I took a quick poke with google and didn't find any public
>> keys from NIST.  (I could easily have missed them.)

>They may not want to give out keys to everyone. Just because nothing is
>posted doesn't mean that they don't have.  Almost noone makes these
>things public.

I think I'm missing something.

Congress passed a law saying that stock brokers have to time-stamp
transaction traceable to NIST.  I assume NIST is expected to cooperate,
either by funding from Congress or a pay-for-service system.

Why wouldn't NIST want to publicize the procedure for getting
authenticated time?

Is the limiting factor CPU cycles or network bandwidth?

Assuming it's CPU cycles, what's the ballpark cost to replicate
a bank of CPUs to solve the problem?  (aka authenticate everything)

Even with a pay-for-service system, but I'd still expect a web page
describing how to sign up or who to contact for more info.

These are my opinions, not necessarily my employer's.  I hate spam.

More information about the questions mailing list