Richard Laager via devel writes: > On 1/19/19 6:30 PM, Hal Murray wrote: >> We can avoid sharing the master key with many NTP servers if the NTS-KE >> server >> contacts the selected NTP server to get the initial cookies.
The other (and probably better) solution is to establish a different master key for each NTS-KE and NTS server pair, possibly by using the same TLS key exporter scheme. If the NTS-KE is a different entity (as it is in the pool situation) you don't really want it to bog down the NTS server with a TLS connection for each client that contacts the NTS-KE. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ SD adaptations for Waldorf Q V3.00R3 and Q+ V3.54R2: http://Synth.Stromeko.net/Downloads.html#WaldorfSDada _______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
