> Why would a client waste all is cookies at once? Since they can be reused > until the NTPD returns a NACK this seems to ddefeat the benefit of keeping > spare cookies around.
To avoid bad-guys tracking you when you change IP Addresses. The NTP client gets a new cookie with each response. If things are working normally, you will never get a NACK or need to run NTS-KE again. "normally" means fewer than 8 lost packets in a row. It might make sense to use the same cookie on all packets in a burst, but then we have to think about switching IP Addresses in the middle of a burst and I don't want to go there. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
