[refid discussion] [email protected] said: > If you don't see the benefits, that's ok. I just thought I should write my > suggestions and see if anyone agrees with that.
I think that's an important idea. We need to consider the trade-offs between security from hiding the real refid compared to the forensic value of being able to figure out what is or was going on. On the other hand, I don't have a handful of stories where it has been helpful so maybe it isn't really important. Is a warm-fuzzy feeling worth anything? [email protected] said: > If the client is fixed to not accept spoofed packets, what exactly the > attacker can do with that information? It tells the bad guys one of the servers a system is using. That is probably useful targeting information, either for DoS or for infiltration via phishing or exploit. [email protected] said: > I've received reports on loops forming between three peers that were polling > one another when they stopped receiving time from their upstream sources. I > was able to reproduce that. It's not a critical issue, but I think it would > be nice if NTP could prevent that. Doesn't that case bump the stratum level each time around the loop until is falls off the end? -- These are my opinions. I hate spam. _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
