[ntp:security] [Bug 2936] Skeleton Key: Missing key check allows impersonation between authenticated peers

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Sun Oct 11 01:30:34 UTC 2015


http://bugs.ntp.org/show_bug.cgi?id=2936

--- Comment #1 from Harlan Stenn <stenn at ntp.org> 2015-10-11 01:30:34 UTC ---
The first and biggest problem I see with this report is that it assumes there
is supposed to be a connection between a private key and a server.  No such
connection exists with symmetric keys for NTP.

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list