Thanks. For the record see the "priming the pump" attack in our paper:
https://eprint.iacr.org/2015/1020.pdf On Thursday, March 31, 2016, Harlan Stenn <[email protected]> wrote: > Miroslav Lichvar writes: > > Yes, that is a security issue in the implementation of rate limiting > > in ntpd, which was published last year. You may have seen posts from > > authors of the paper on this list :). The fix is to respond randomly > > when the clients appear to be sending too many requests, so they can't > > be starved from responses completely. At least one NTP implementation > > already does that. > > We're now doing a number of different things along those lines. There > are probably more things we could do, too. > > H > _______________________________________________ > ntpwg mailing list > [email protected] <javascript:;> > http://lists.ntp.org/listinfo/ntpwg > > -- Sharon Goldberg Computer Science, Boston University http://www.cs.bu.edu/~goldbe
_______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
