Could somebody give me a lesson in certificates and keys?
I'm somewhat familiar with certificates as used in HTTPS. Are there other common uses? What sort of certificates do we need for testing? Where do we get them I think the NTS-KE-server needs the private key for the certificate(s) it supports. Should we put it in a separate process so bugs in ntpd can't expose the private key? That also allows us to write NTS-KE-server in a HLL. -------- There is an interesting corner case. Telco companies like to put spares on the shelf and expect them to work 10 years later. How often do root certificates roll over? I assume the normal TLS stuff uses a collection of root certificates that are distributed via the normal OS/Distro update mechanism. That won't work if the box is sitting on a shelf. Can -- These are my opinions. I hate spam. _______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
