El Wed, 07-07-2010 a las 12:20 -0400, Martin Langhoff escribió: > Apparently the ntp protocol supports some server-signing of the > messages -- we could use an OATS key for that. But it looks rickety.
Authenticated NTP sounds like a good solution. NTP4 supports public key cryptography based on SSL certificates. We don't have to reuse the OATS keys for authentication and we also don't have to use the same server for OATS and NTP. Any trusted public ntp server should be fine. Maybe also the school servers. So, how about setting up a public ntp server and publishing the keys? I've already been running two public servers for one year or so: time1.sugarlabs.org time2.sugarlabs.org These are registered with ntp.org. I could generate keys and use them with py builds. Anyone else would be welcome to use our servers, of course. Alternatively, we could simply distribute ntp keys to our xs with puppet. However, this would stop working once the kids leave the school system. In case we opt for using public ntp servers with no authentication, I've also registered olpc.ntp.org (as recommended by someone in this thread). -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel