On 2007-05-07, Vladimir Smotlacha <[EMAIL PROTECTED]> wrote: > I setup up an IFF identity scheme at my labs NTP server and client. > I did it exactly according to available documentation and it worked O.K. > However, I tried it once more with new keys and certficates but without > copying IFF parameters to the client (i.e. the client did not know IFF > parameters). I expected that the authentication fails but it was > successful again.
The Trusted Certificate (TC) Identity Scheme was being used because you generated trusted host parameters (with '-T') on the server, > It seems that the client acts the same way as in previous case. Because the authentication was successful. > Should there be observed a difference in client behavior in both > cases? The only difference that you will see is in the flags for that association on the client end. > What profit has client from knowledge of the IFF params and key? I'll let someone else answer that. -- Steve Kostecke <[EMAIL PROTECTED]> NTP Public Services Project - http://ntp.isc.org/ _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
