Yo Richard! On Fri, 18 Jan 2019 20:17:11 -0600 Richard Laager via devel <[email protected]> wrote:
> On 1/18/19 8:05 PM, Gary E. Miller via devel wrote:
> > Section 5.1, they come from RFC 5706 using the PRF() function.
>
> Agreed.
>
> > The question is where the master key used by PRF() comes from.
>
> That comes from the TLS session.
Once again: there is no TLS session between NTPD client and NTPD server.
Once again: the NTPD server must generate new keys withour TLS.
> See RFC 5705's mentions of "TLS
> master secret".
Yes, that is what it says, but since we have no TLS session, we have no
TLS master key. So, instead, we use another master key.
We use the algorithm of RFC 5705, but in a context with no TLS.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
[email protected] Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
pgpiOiq39117q.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
