"Danny Mayer" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Maarten Wiltink wrote:
>> At this point, people will shriek 'that's an SNTP server! Not NTP!' >> But is it? What's the difference? The current definition seems to >> be that to be an NTP server, you have to implement the client >> functionality (the math) yourself. I think it's more important _that_ >> the math is being done. _Where_ is not that important. > > No, that's not true. The receiving end MUST be the one doing the math. I meant which process at the receiving end. It might be the client part even though the server part would be the one claiming 'it _is_ being done'. >>> OpenBSD's OpenNTP was, as I recall (and IMO), originally a >>> malignantly broken SNTP implementation. >> >> Malignantly, no less? Come off it. Sure, they made mistakes, but that >> wasn't the intent. The intent was to build something with no exploits. >> If the question is what comes first, working right or not getting >> rooted, well, they _are_ OpenBSD. > > Which means absolutely nothing. People don't set up to create buggy > or exploitable code. No. But some people actively set up to create code with no exploits. > [...] On top of that even if the code is not exploitable it doesn't > mean that it's correct. People don't set up to create incorrect code, either. NTP is not without bugs. OpenBSD is not without holes. (For humility, guess which one is closer.) >> (Wouldn't a client-mode real NTP, combined with an OpenSNTP server, >> be the ideal configuration?) > > No. For answering a tongue-in-cheek rhetorical question... no points. Groetjes, Maarten Wiltink _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
