[ntp:questions] Problem using ntp autokey with the trusted certificate identity s cheme

David Mills mills at udel.edu
Mon Feb 9 18:26:52 UTC 2009


I can't tell if the release and development versions will or will not 
interoperate. That is not because of an incompatibility with the 
protocol, it is because the release version now has a godzilla mix and 
max collection of historic code of many old versions and possibly not 
compatible between versions. You might think the situation would be 
resolved by wholesale update of the release version with the development 
version from time to time. It hasn't happened that way. Bugfixes have 
been applies to the release version and it has drifted away from the 
development branch. This is not my plan and I have advised agzinst it. I 
watch very carefully the development version and make sure it is 
compatible with previous development versions. The only things that have 
changed are the configuration options, which are now much simplified and 
hopefully easy to use.


Martin Burnicki wrote:

>David Mills wrote:
>>You are apparently using the release version of ntpd. That version,
>>while dated early this year, has a patchwork of old and new algorithms.
>>This means that, while the algorithms have been compatible as the
>>versions progress, various combinatinos of old and new algorithms, as in
>>the current release version, probably are not. The only version I can
>>help you with is the development version, which does have compatible
>>algorithms. I put a good deal of effort in the documentation for the
>>development version, including configuration and key generation
>>examples. However, note that the online dodumentation applies only to
>>the development version, not the release version. In any case, the
>>codumentation included in your version appllies specifcally to the
>>softeare of your version.
>>If using the development version, pay close attention to the defaults,
>>especially the default host name and key. I suspect the defaults are not
>>what you expect.
>Does this mean the current release version and the current ntp-dev version
>(which will be the next release version) will not cooperate properly if
>autokey has been enabled?

More information about the questions mailing list