Yo Hal!

On Wed, 20 Mar 2019 15:22:33 -0700 Hal Murray via devel <devel@ntpsec.org> wrote:

> Gary said:
> > Only if you figure out how to not have a huge daily rush to rekey.
>
> Under normal conditions, there is never any need to rekey.

We've gone around on that many times before. We disagree.

Using the same master key (with a ratchet) will eventually give the
attacker enough data to crack it. Maybe a long, long time, but in
crypto a long, long time always comes much sooner than expected.

> The server holds 2 cookie keys. When it makes a new key, the current
> key gets moved to the old key and the previous old key is lost.

So no ratchet? That would then be a rekey. A rekey not needing the
NTS-KE.

> Cookies using either the new or old key will work. When the client
> uses an old key, it gets back a new key. So as long as the client
> polling interval is fast enough, it gets new keys while all its old
> keys still work.

What does the spec say for the client to do with the old cookie when it
gets a new cookie?

> The keys are saved on disk so you can restart the server without
> rekey problems.

I guess we have to assume the NTPD host is secure...

> > Ah, Gentoo unstable updated to openssl 1.1.0j on March 6th.
> > Do I need any change in basic NTPsec build?
>
> It should just build and work.

I'll try it.

> The server ask, require, expire, cert, and ca options are not
> implemented.

Eventually.

> I wanted the ca option, but it's not simple to implement. I'll have
> to think about it.

Yeah, little is easy with openssl...

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller
Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
g...@rellim.com  Tel:+1 541 382 8588

Veritas liberabit vos. -- Quid est veritas?
(The truth will set you free. -- What is truth?)
"If you can't measure it, you can't improve it." - Lord Kelvin
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
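A toy model of the two-cookie-key scheme Hal describes in the thread (current key plus old key, cookies under either accepted, every accepted request answered with a cookie under the current key, anything older rejected so the client must go back to NTS-KE). This is an added illustration, not NTPsec's code or anyone on the list's; the cookie layout (key ID || nonce || ciphertext || tag), the HMAC-SHA256 encrypt-then-MAC construction standing in for the real cookie AEAD, and all class and function names are this example's own assumptions.

```python
"""Two-key cookie rotation, modelled on the scheme discussed on the list.

Added example, not NTPsec code. The AEAD here is an HMAC-SHA256
encrypt-then-MAC stand-in (assumption: the real cookie cipher differs);
key IDs, cookie layout and helper names are this example's own.
"""
import hashlib
import hmac
import os
import struct

KEY_ID_LEN = 4
NONCE_LEN = 16
TAG_LEN = 16
SECRET_LEN = 32  # one C2S key and one S2C key, 32 bytes each


class CookieError(Exception):
    pass


def _derive(master: bytes, label: bytes) -> bytes:
    return hmac.new(master, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(master: bytes, key_id: int, plaintext: bytes) -> bytes:
    """Cookie = key_id || nonce || ciphertext || tag (assumed layout)."""
    enc_key, mac_key = _derive(master, b"enc"), _derive(master, b"mac")
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    header = struct.pack(">I", key_id) + nonce
    tag = hmac.new(mac_key, header + ct, hashlib.sha256).digest()[:TAG_LEN]
    return header + ct + tag


def open_cookie(master: bytes, cookie: bytes) -> bytes:
    """Verify the tag first, then decrypt; raises CookieError on any failure."""
    if len(cookie) < KEY_ID_LEN + NONCE_LEN + TAG_LEN:
        raise CookieError("truncated cookie")
    enc_key, mac_key = _derive(master, b"enc"), _derive(master, b"mac")
    header = cookie[:KEY_ID_LEN + NONCE_LEN]
    ct, tag = cookie[KEY_ID_LEN + NONCE_LEN:-TAG_LEN], cookie[-TAG_LEN:]
    expected = hmac.new(mac_key, header + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise CookieError("bad tag")
    nonce = header[KEY_ID_LEN:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def cookie_key_id(cookie: bytes) -> int:
    return struct.unpack(">I", cookie[:KEY_ID_LEN])[0]


class CookieServer:
    """Holds exactly two cookie keys: the current one and the previous one."""

    def __init__(self):
        self.current_id = 1
        self.old_id = None
        self.keys = {self.current_id: os.urandom(32)}

    def rotate(self):
        # A rekey rather than a ratchet: the new key is fresh randomness,
        # unrelated to the current key. Current becomes old; old is dropped.
        dropped = self.old_id
        self.old_id = self.current_id
        self.current_id += 1
        self.keys[self.current_id] = os.urandom(32)
        if dropped is not None:
            del self.keys[dropped]

    def mint(self, c2s: bytes, s2c: bytes) -> bytes:
        # New cookies are always sealed under the current key.
        return seal(self.keys[self.current_id], self.current_id, c2s + s2c)

    def handle(self, cookie: bytes):
        """Return (key_id_used, fresh_cookie); cookies under current or old key pass."""
        kid = cookie_key_id(cookie)
        master = self.keys.get(kid)
        if master is None:
            raise CookieError(f"key id {kid} no longer held; client must redo NTS-KE")
        secrets = open_cookie(master, cookie)
        if len(secrets) != 2 * SECRET_LEN:
            raise CookieError("bad cookie body")
        return kid, self.mint(secrets[:SECRET_LEN], secrets[SECRET_LEN:])


def try_handle(server: CookieServer, cookie: bytes):
    """Like handle() but returns None instead of raising."""
    try:
        return server.handle(cookie)
    except CookieError:
        return None


def simulate():
    """Walk the scenario from the thread; returns the observed events."""
    events = []
    server = CookieServer()
    c2s, s2c = os.urandom(SECRET_LEN), os.urandom(SECRET_LEN)  # constructed secrets
    cookie = server.mint(c2s, s2c)          # in real life obtained via NTS-KE
    kid, cookie = server.handle(cookie)     # cookie under current key
    events.append(("current", kid, cookie_key_id(cookie)))
    server.rotate()
    kid, cookie = server.handle(cookie)     # cookie under old key: accepted, refreshed
    events.append(("old", kid, cookie_key_id(cookie)))
    forged = bytearray(cookie)
    forged[-1] ^= 1                         # flip a tag bit
    events.append(("tampered", try_handle(server, bytes(forged))))
    server.rotate()
    server.rotate()                         # client polled too slowly: missed two rotations
    events.append(("stale", try_handle(server, cookie)))
    return events


if __name__ == "__main__":
    for event in simulate():
        print(event)
```

The point the thread is circling is visible in `rotate()`: because each new key is fresh randomness rather than derived from its predecessor, an attacker who recovers one key learns nothing about the next, but a client whose polling interval spans two rotations finds its cookies rejected and has to re-run NTS-KE, which is exactly the "rush to rekey" worry if every client's cookies expire at once.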