> Imagine a server that uses the suggested cookie approach and simply never > rolls over K. As long as the client daemon is running, its cookies will be > valid and keep getting renewed. C2S and S2C will never get rolled over. > Should the client track an expiration limit in memory, and when that limit is > hit, re-run NTS-KE?
Note that the client keeps using the same C2S and S2C even if the server does roll over K. ------- > But there is a middle ground: opportunistic NTS. The downside of opportunistic X is that it appears to be working but may stop working without any warning. I think we should avoid it. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
