[ntp:questions] IFF autokey issue

Garrett Wollman wollman at bimajority.org
Tue May 8 21:01:25 UTC 2007


In article <slrnf41h14.te9.kostecke at stasis.kostecke.net>,
Steve Kostecke  <kostecke at ntp.isc.org> wrote:

>There is no Central Scrutinizer who decrees whether or not a server is
>"authentic" or "trusted".
>
>The entity generating the host parameters marks them as trusted by using
>the '-T' switch during the generation process.

It is not up to the server operator whether clients should believe
some random self-signed "certificate" proffered by a server (or
someone masquerading as a server).

-GAWollman

-- 
Garrett A. Wollman   | The real tragedy of human existence is not that we are
wollman at csail.mit.edu| nasty by nature, but that a cruel structural asymmetry
Opinions not those   | grants to rare events of meanness such power to shape
of MIT or CSAIL.     | our history. - S.J. Gould, Ten Thousand Acts of Kindness




More information about the questions mailing list