On Mon, Jan 14, 2019, 12:30 PM Gary E. Miller via devel <devel@ntpsec.org wrote:
> Yo Hal! > > On Mon, 14 Jan 2019 12:19:09 -0800 > Hal Murray via devel <devel@ntpsec.org> wrote: > > > When the NTP server is returning new cookies to the client, they are > > encrypted so that a spy can't track the client if it moves to a new > > IP Address before it uses the cookie. > > I see nothing in the Proposed RFC that binds a cookie to an IP. Good > thing, it is a bad idea. Adding (a) cookie field(s) could allow interesting behavior such as client migration tracking and forced key expiration after N rounds of NTP queries. It might be worth considering for restrictions in draft 16.
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel