In message <[email protected]> Michael Richardson writes: > >>>>> "Mark" == Mark Andrews <[email protected]> writes: > >> Or you solve the time problem some other way... > >> > >> Batteries die too... Jim > > Mark> Indeed. It should be a user servicable part. > > Mark> As to solving it other way, "leap of faith" springs to mind. > > DHCP has an NTP server option. Does IP6CP?
If you are trying to validate keys or certificates or proteocol extensions that require knowing the time of day, then using the DHCP supplied NTP server might not be a great idea. I'm not fond of protocols that rely on time or monotonically increasing reboot counts and have no fallback. I advocated in OSPF discussions relevant to KARP (to no avail) having at least a fallback to a mechanism in which time of day or reboot count was not significant. This means no certificate expiration check is possible for the fallback but its better than no connectivity. The lack of certificate expiration can be compensated for by creating an explicit revokation after the key expires and storing that. Curtis _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
