> 2) NTS must be supported (by at least some peers) I think that needs to be stronger to be secure. The "at least some" needs to be large enough so that they can't be outvoted by MITM attacks on the rest of the servers that client is using.
It gets more complicated if you think about what happens if one of the servers with NTS turns into a falseticker. -- These are my opinions. I hate spam. _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
