[ntp:questions] IFF autokey issue
Steve Kostecke
kostecke at ntp.isc.org
Fri May 11 02:28:56 UTC 2007
On 2007-05-11, David L. Mills <mills at udel.edu> wrote:
> Garrett Wollman wrote:
>
>> Steve Kostecke <kostecke at ntp.isc.org> wrote:
>>
>>>There is no Central Scrutinizer who decrees whether or not a server
>>>is "authentic" or "trusted".
>>
>> It is not up to the server operator whether clients should believe
>> some random self-signed "certificate" proffered by a server (or
>> someone masquerading as a server).
>
> That's why the identity schemes are provided. ...
>
> While it is assumed the trusted host has both the trusted (self-signed)
> certificate and identity keys and a secure way to retrieve the encrypted
> keys,
Such as https://ntp.isc.org/crypto.php
--
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/
More information about the questions
mailing list