Richard Laager via devel writes: > Opportunistic NTS is only applicable when the administrator has not > specified NTS. In that scenario, if ntpd doesn't do opportunistic NTS, > then it's going to do plain NTP. How is the risk that a MITM could > downgrade you only at startup worse than always being "downgraded" > because you didn't even try to upgrade to NTS?
The risk is that you don't know you've been targeted in that way. Anyway, I'm not a big fan of such heuristics. Explain the options and let the user chose. The NTP pool will need to advertise separate NTS-KE anyway, at least I don't see an easy way around that. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ Factory and User Sound Singles for Waldorf Blofeld: http://Synth.Stromeko.net/Downloads.html#WaldorfSounds _______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
