>> We could restart >> NTP-server or NTS-KE-server as long as the other end stayed up and we >> arranged to send the keys in both directions.
> well, you sorta need a key to do that, right? Seems circular... When they are up and running, both the NTP server and the NTS-KE server know the master key. If you restart one end, it can ask the other for the key. >> There is another problem area: who makes the initial certificates. Sorry. Typo on my end. certificates => cookies. Do both NTP-server and NTS-KE-server have to know the new-cookie recipe? Does NTS-KE-server need the master key for anything other than generating cookies? Does it work if only the NTP-server has the master key and the NTS-KE-server gets cookies and S2C and C2S from the NTP server? -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
