On Thu, Mar 12, 2020 at 09:24:55AM -0500, Ask Bjørn Hansen wrote:
> On Mar 12, 2020, at 09:45, Miroslav Lichvar <[email protected]> wrote:
> >
> > One of my suggestions was to specify an NTS-KE redirect where the
> > server wouldn't provide cookies, but a TTL and a list of hostnames and
> > addresses. It would basically be DNS over NTS-KE. Easy to implement on
> > both servers and clients. If the clients were caching the results
> > properly, the load should be a fraction of the NTS-KE load at the NTP
> > servers. Would that make sense for pool.ntp.org?
>
> Isn't that just partially re-implementing dns-over-http?
Yes, except it's reusing parts of NTS, greatly simplifying everything.
NTS clients don't need to implement a DNS client and NTS servers don't
need to run a DNS server (or clients don't have to care about selecting
trusted DNS servers).

> - clients only trusting a pool certificate authority (that only issues
> short-lived certs for x.nts.ntppool.org or some such). With this you don't
> need anything in DNS and a MITM attacker at least needs to be registered in
> the pool.

Would the servers be able to MITM attack connections to other servers?

> The pool system could make sure to always offer clients diversity in which
> servers it tells a client to use (diversity by ASN, user who registered the
> server, etc.) to make it hard for an attacker to control all the servers a
> client might use at any given time.

That sounds good.

-- 
Miroslav Lichvar

_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
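The two ideas in this exchange, an NTS-KE record that redirects the client to a TTL-limited list of servers instead of handing out cookies, and a pool that picks that list for ASN and registrant diversity, modelled end to end as an added example. This is not code from the thread, from chrony, from the NTP pool project or from RFC 8915. Only the record framing is real (RFC 8915 Section 4: a 16-bit word carrying the Critical bit and a 15-bit Record Type, a 16-bit Body Length, then the body). The `SERVER_REDIRECT` type number, the body layout (uint32 TTL followed by length-prefixed ASCII names), the `RedirectCache`, the greedy `pick_diverse` rule and the `POOL` sample data are all assumptions made for illustration.

```python
"""Model of the "DNS over NTS-KE" redirect idea and the pool's diversity rule.

Added example, not code from chrony, the NTP pool or RFC 8915. Only the
record framing is real (RFC 8915 Section 4). The redirect record type, its
body layout, the client cache and the diversity rule are assumptions.
"""
import struct
from dataclasses import dataclass

END_OF_MESSAGE = 0        # real NTS-KE record type (RFC 8915)
SERVER_REDIRECT = 0x4000  # hypothetical, unassigned record type (assumption)
CRITICAL = 0x8000         # Critical bit in the first 16-bit word


def encode_record(rtype: int, body: bytes, critical: bool = False) -> bytes:
    """Frame one NTS-KE record in the RFC 8915 layout."""
    if rtype >> 15 or len(body) > 0xFFFF:
        raise ValueError("record type is 15 bits, body length is 16 bits")
    return struct.pack("!HH", rtype | (CRITICAL if critical else 0), len(body)) + body


def decode_records(data: bytes):
    """Yield (critical, rtype, body) up to End of Message; reject truncation."""
    off = 0
    while True:
        if off + 4 > len(data):
            raise ValueError("truncated record header")
        first, length = struct.unpack_from("!HH", data, off)
        body = data[off + 4:off + 4 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        off += 4 + length
        yield bool(first & CRITICAL), first & 0x7FFF, body
        if (first & 0x7FFF) == END_OF_MESSAGE:
            return


def encode_redirect(ttl: int, servers) -> bytes:
    """Server side: uint32 TTL seconds, then length-prefixed ASCII names (assumed layout)."""
    body = struct.pack("!I", ttl)
    for name in servers:
        raw = name.encode("ascii")
        if not 0 < len(raw) < 256:
            raise ValueError("server name must be 1..255 ASCII bytes")
        body += bytes([len(raw)]) + raw
    # Marked Critical so a client that does not know the type fails instead of
    # proceeding to key exchange with a server that handed it no cookies.
    return encode_record(SERVER_REDIRECT, body, critical=True)


def parse_redirect(body: bytes):
    """Client side: inverse of encode_redirect; any truncation is an error."""
    if len(body) < 4:
        raise ValueError("redirect body too short")
    (ttl,) = struct.unpack_from("!I", body)
    off, servers = 4, []
    while off < len(body):
        n, raw = body[off], body[off + 1:off + 1 + body[off]]
        if n == 0 or len(raw) != n:
            raise ValueError("empty or truncated server entry")
        servers.append(raw.decode("ascii"))
        off += 1 + n
    return ttl, servers


@dataclass
class RedirectCache:
    """Client cache: reuse the list until the TTL expires, then ask the pool again."""
    servers: tuple = ()
    expires_at: float = 0.0

    def store(self, ttl: int, servers, now: float) -> None:
        self.servers, self.expires_at = tuple(servers), now + ttl

    def fresh(self, now: float) -> bool:
        return bool(self.servers) and now < self.expires_at


@dataclass(frozen=True)
class PoolServer:
    host: str
    asn: int
    owner: str  # pool account that registered the server


def pick_diverse(candidates, n: int):
    """Greedy pick of up to n servers with pairwise distinct ASN and owner (assumed rule)."""
    chosen, asns, owners = [], set(), set()
    for c in candidates:
        if c.asn not in asns and c.owner not in owners:
            chosen.append(c)
            asns.add(c.asn)
            owners.add(c.owner)
        if len(chosen) == n:
            break
    return chosen


# Constructed sample data (documentation ASNs, example.net names), not real pool servers.
POOL = [
    PoolServer("a.example.net", 64496, "alice"),
    PoolServer("b.example.net", 64496, "bob"),    # shares ASN with a
    PoolServer("c.example.net", 64497, "alice"),  # shares owner with a
    PoolServer("d.example.net", 64498, "carol"),
    PoolServer("e.example.net", 64499, "dave"),
]


def redirect_round_trip(ttl: int = 3600, n: int = 3, now: float = 1_000_000.0):
    """Pool picks a diverse set and sends the redirect; client parses and caches it."""
    hosts = [s.host for s in pick_diverse(POOL, n)]
    response = encode_redirect(ttl, hosts) + encode_record(END_OF_MESSAGE, b"")
    cache = RedirectCache()
    for _critical, rtype, body in decode_records(response):
        if rtype == SERVER_REDIRECT:
            cache.store(*parse_redirect(body), now=now)
    return cache
```

`redirect_round_trip()` plays both sides in one process: the pool side never issues cookies, just the redirect and End of Message, and the client side refuses truncated records, honours the TTL and then has to come back to the pool, which is what keeps the NTS-KE load on the pool a fraction of the load on the servers it names. With the sample data, `b` is dropped for sharing an ASN with `a` and `c` for sharing a registrant, so the three servers a client gets are spread across three ASNs and three accounts.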
