[ntp:questions] Re: Can NTPv4 be fully fuctional without the Public Key Cryptography
Richard B. Gilbert
rgilbert88 at comcast.net
Wed Dec 21 23:01:08 UTC 2005
Arul Kumar C wrote:
>Hi All,
>
>Can NTPv4 code, be run without Public Key Cryptography. I am trying to
>understand the NTPv4 implementation. I went through the Draft and the
>presentations listed in the site. I could get that both Symmetric key
>and Public key are supported. And also from the code (ntp-4.2.0), all
>the public key crypto is placed within OPENSSL pre-processor macro.
>
>Inspite of all these, I could not strongly conclude that they are
>optional. Just willing to make sure from you experts, whether NTPv4
>can fully functional without Public Key Cryptography.
>
>Please enlighten me. Please let me know if I am missing any info.
>
>Regards,
>Arul Kumar C
>
>
>
You can synchronize your clock without cryptography. Many people do.
You can serve time to others without cryptographic authentication.
If you have a requirement to be absolutely certain that you are dealing
only with the servers you intended to use, you need cryptographic
authentication. You might have this requirement if you are subject to
legal requirements to have your time stamps traceable to NIST or other
national standards laboratories. Cryptographic authentication is the
default for both broadcast and multicast unless you explicitly disable it.
More information about the questions
mailing list