On 2007-05-11, David L. Mills <[EMAIL PROTECTED]> wrote: > Garrett Wollman wrote: > >> Steve Kostecke <[EMAIL PROTECTED]> wrote: >> >>>There is no Central Scrutinizer who decrees whether or not a server >>>is "authentic" or "trusted". >> >> It is not up to the server operator whether clients should believe >> some random self-signed "certificate" proffered by a server (or >> someone masquerading as a server). > > That's why the identity schemes are provided. ... > > While it is assumed the trusted host has both the trusted (self-signed) > certificate and identity keys and a secure way to retrieve the encrypted > keys,
Such as https://ntp.isc.org/crypto.php -- Steve Kostecke <[EMAIL PROTECTED]> NTP Public Services Project - http://ntp.isc.org/ _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
