[ntp:security] Ephemeral time servers
stenn at nwtime.org
Sat Jan 9 04:32:33 UTC 2016
On 1/8/16 7:45 PM, Danny Mayer wrote:
> On 1/8/2016 6:35 PM, Harlan Stenn wrote:
>> What is the use case for getting time from an ephemeral server, or from
>> ephemeral servers?
> What does that even mean? How do you even know that the server exists
> and is available?
If B says "peer A" and A has no line about server B, then a passive
association is spun up.
If authentication is used, then even if a host says "restrict ...
nopeer", an association *will* be spun up because NOPEER does not apply
to authenticated messages.
This conversation may soon have to become encrypted.
Harlan Stenn <stenn at nwtime.org>
http://networktimefoundation.org - be a member!
More information about the security