Eric said: > Can we toss out these cipher config options in favor of a mechanism that > *discovers* what the available cipher are and does the right thing?
I believe that server ntp.example.com nts should work in many/most cases. We'll have to provide sensible defaults for all of the options. We need to setup a mechanism to review the defaults occasionally. Maybe with each release. Maybe on Mark's birthday. The idea is to track progress in the crypto community. If the default today is to allow TLS 1.2, sometime we should bump the min up to 1.3. Yes, that means breaking backwards compatibility. Lots of warning... -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
