[ntp:questions] IFF autokey issue

Steve Kostecke kostecke at ntp.isc.org
Fri May 11 02:28:56 UTC 2007


On 2007-05-11, David L. Mills <mills at udel.edu> wrote:

> Garrett Wollman wrote:
>
>> Steve Kostecke <kostecke at ntp.isc.org> wrote:
>>
>>>There is no Central Scrutinizer who decrees whether or not a server
>>>is "authentic" or "trusted".
>>
>> It is not up to the server operator whether clients should believe
>> some random self-signed "certificate" proffered by a server (or
>> someone masquerading as a server).
>
> That's why the identity schemes are provided. ...
>
> While it is assumed the trusted host has both the trusted (self-signed) 
> certificate and identity keys and a secure way to retrieve the encrypted 
> keys,

Such as https://ntp.isc.org/crypto.php

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/




More information about the questions mailing list