Gary said: > One is sufficient for that. Cookie reuse is fine.
Cookie reuse is fine in the sense that it should work. But the whole tone of the draft is that they won't be reused. There is only a minor note that says you can reuse them. I think we should follow the spirit of the draft rather than explore a corner case. > Yes, but then you have no spare cookies for when you DO lose 8 packets in a > row. It is pretty common to lose 8 packets in a row on today's internet. How often do we lose 8 packets in a row when they are spread out at 1 minute intervals? (I have data in old log files but it will take me a while to dig it out. I fixed a bug a couple of days ago.) It might make sense to reuse a cookie during a burst. That case can wait. Reusing cookies makes more sense in the static case where you aren't worried about tracking, a server or home PC rather than a laptop or smart phone. Again, that case can wait. > Sure we can. Nothing in the Proposed RFC says the NTPD must invalidate > cookies. As a practical matter maybe the NTPD needs a config option for > cookie lifetime. The cookie lifetime is the master key lifetime. Sure, the NTP server could remember old keys forever. The intention is clearly that the client rotates cookies and that the server only remembers the current key and 1 old key. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
