This area is a tangle. I'm looking for ideas.
The context for thinking about this is that several NTS-KE servers have more than one IP Address. I'd like to be able to test all of them and/or maybe use more than one. Let's start with the simple case - no NTS. There are a few NTP servers with names that return multiple IP Addresses. I'd like to be able to test all of those too. Fortunately, we can do that by specifying their individual numerical IP Addresses. But a cleaner approach almost works. If foo has several addresses, it should be reasonable to say server foo server foo and have the code that processes the DNS answers skip over the ones that are already in use. Currently, that doesn't work because configpeers kicks out duplicates. I think the skip-in-use code is there -- or maybe it's over in the pool case. I'll investigate removing that check. --------- There are several unimplemented nts server options: ask, require expire cert Should we remove them, mostly to clean up the documentation? --------- Maybe there should be a mode so things work similarly to pool: setup servers for all IP Addresses that come back from DNS lookup. But do it only once. (pool mode tries again if it needs more servers) --------- Do we need something like the expire option to check DNS again? -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
