On Tue, Mar 29, 2016 at 04:35:59AM -0700, Hal Murray wrote: > [email protected] said: > > If I understand how NTS will be implemented correctly, the duration of the > > KE is proportional to the polling interval. > > It probably needs to be smarter than that. If not, rekeying will take a long > time after the polling interval has ramped up.
If the client is using a long polling interval, why would long NTS reinitialization be a problem? A missed NTP packet or client dropping a bad sample is a common occurence. For instance, the clock filter in ntpd can drop up to 7 consecutive samples. A couple of samples dropped due to invalid authentication after the server refreshes its seed shouldn't be a big deal. -- Miroslav Lichvar _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
