I've started adding references to the draft.
Ian: I didn't touch your recent edits. You said "encrypts the rest of the data" I think we are authenticating rather than encrypting. The new cookies returned from the NTP server are encrypted. I think that's at a different layer. The AEAD stuff is setup to encrypt and the packet format has a slot for the cypher text, but I don't think we will use that. Please let me know if you find something. Gary: A few days ago, we were discussing storing the master keys on disk so the NTP-S and NTS-S boxes didn't need a (network) communication channel. I think we want to be able to put a communication channel in there. Consider: One NTS server for multiple NTP clients. Multiple NTS servers supporting the same name for load sharing or better routing. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
