Yo Hal! On Fri, 01 Feb 2019 11:11:14 -0800 Hal Murray via devel <devel@ntpsec.org> wrote:
> Gary said:
> > But then how do I say I want 2 from this pool and 2 from that
> > pool?
>
> With the current code, you can't.
>
> I don't think we should tangle that discussion with NTS.
Too late. How to make the pool and nts play together is already an issue.
> >> If you need more, it does another DNS lookup.
> > And, of course, that DNS thing is problematic with NTS...
>
> I think there is a reasonable parallel between get another server via
> DNS and get another server via NTS-KE.
Yes, except the protocol, as defined in the Proposed RFC, does not support it.
> There are (at least) two ways to interpret:
> pool pool.example.com nts
>
> 1) It could do a NTS-KE connection to pool.example.com and get back
> several IP Addresses and associated cookies. The protocol doesn't
> support that yet, but seems reasonable to extend.
Except we don't control the protocol. And the typical pool is
single servers. We can expect this to contrinue with the typical
pool NTS-KE server only having on NTD server associated, and thus
unable to return more than one NTPD server.
> 2) It could do a DNS lookup on pool.example.com, get back several IP
> addresses, then do a NTS-KE dance with each address.
Which may fail because different NTS-KE server may return the same
NTPD address. But still they way I would start to look at it.
This prolly needs to be brought up to the WG.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
g...@rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
pgpATd_D_D2zj.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
