James Browning said:
> IIRC the previous key is kept for a rotation. Unless you are using something
> like poll 14+ it shouldn't be a problem.
Correct. That's for K, the key the server uses to encrypt/decrypt part of a cookie. The client doesn't know anything about that key.

But there is another pair of keys: C2S and S2C. They are used to authenticate and encrypt traffic between client and server. There is no explicit mechanism to roll them over - nor is there a need for one.

In order to avoid tracking, cookies are not reused. Normally, the client has 8 cookies. For each NTP request-response exchange, the client sends a cookie and gets back a new one. If a packet gets lost, the client only has 7 unused cookies. On the next request, it says "PS: please send me an extra cookie." If 8 packets in a row are lost, the client will be out of unused cookies. At that point, it can either reuse cookies or go through NTS-KE again to get new cookies. NTS-KE will also refresh C2S and S2C. But if no packets are lost, C2S and S2C will be used forever.

-- 
These are my opinions. I hate spam.

_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
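The cookie bookkeeping described in the reply, as an added example that is not part of the original thread or of the ntpsec code base: a toy client and server in Python that model the 8-cookie pool, the "please send me an extra cookie" placeholder count after a lost packet, the fall-back to NTS-KE once the pool is empty, and the server-side rotation of K with one previous key kept. Everything below is a simplified model: cookies are authenticated with an HMAC under K rather than AEAD-encrypted, NTS-KE is a local function call that hands out fresh C2S/S2C keys and 8 cookies, and the names `Server`, `Client`, `poll`, `rotate_k` and `TARGET_COOKIES` are my own and not NTS or ntpsec identifiers.

```python
"""Toy model of NTS cookie handling (added illustration, not ntpsec code).

Assumptions (not from the post): cookies are HMAC-SHA256 tagged, not encrypted;
NTS-KE is a direct call; the target pool size is 8 as stated in the post.
"""
import hmac
import hashlib
import os

TARGET_COOKIES = 8           # the "normal" pool size from the post
NONCE_LEN, KEY_LEN, TAG_LEN = 16, 32, 32


class Server:
    """Holds K (current and previous) and issues/validates cookies."""

    def __init__(self):
        self.k = os.urandom(KEY_LEN)   # current cookie key K
        self.prev_k = None             # previous K, kept for one rotation

    def rotate_k(self):
        self.prev_k, self.k = self.k, os.urandom(KEY_LEN)

    def make_cookie(self, c2s, s2c):
        # Fresh nonce per cookie so no two cookies look alike on the wire.
        body = os.urandom(NONCE_LEN) + c2s + s2c
        return body + hmac.new(self.k, body, hashlib.sha256).digest()

    def open_cookie(self, cookie):
        """Return (c2s, s2c) if the cookie verifies under K or the previous K."""
        body, tag = cookie[:-TAG_LEN], cookie[-TAG_LEN:]
        for key in (self.k, self.prev_k):
            if key is None:
                continue
            if hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
                return body[NONCE_LEN:NONCE_LEN + KEY_LEN], body[NONCE_LEN + KEY_LEN:]
        return None

    def nts_ke(self):
        """Model of NTS-KE: fresh C2S/S2C plus a full set of cookies."""
        c2s, s2c = os.urandom(KEY_LEN), os.urandom(KEY_LEN)
        return c2s, s2c, [self.make_cookie(c2s, s2c) for _ in range(TARGET_COOKIES)]

    def respond(self, cookie, placeholders):
        """One NTP response: a new cookie for the one used, plus one per placeholder."""
        keys = self.open_cookie(cookie)
        if keys is None:
            return None                # cannot decrypt: client must redo NTS-KE
        c2s, s2c = keys
        return [self.make_cookie(c2s, s2c) for _ in range(1 + placeholders)]


class Client:
    """Keeps C2S/S2C and a pool of unused cookies; never reuses a cookie."""

    def __init__(self, server):
        self.server = server
        self.ke_count = 0
        self.c2s = self.s2c = None
        self.cookies = []
        self.rekey()

    def rekey(self):
        self.c2s, self.s2c, self.cookies = self.server.nts_ke()
        self.ke_count += 1

    def poll(self, lost=False):
        """One request/response. Returns 'ok', 'lost' or 'rejected'."""
        if not self.cookies:           # out of unused cookies: go through NTS-KE again
            self.rekey()
        cookie = self.cookies.pop(0)   # spend one cookie, whether or not the reply arrives
        # "PS: please send me an extra cookie" for every cookie the pool is short.
        placeholders = TARGET_COOKIES - len(self.cookies) - 1
        if lost:
            return "lost"
        new = self.server.respond(cookie, placeholders)
        if new is None:                # K rotated out from under this cookie
            self.cookies.clear()
            self.rekey()
            return "rejected"
        self.cookies.extend(new)
        return "ok"


if __name__ == "__main__":
    s = Server()
    c = Client(s)
    c.poll(lost=True)
    print(len(c.cookies), c.poll(), len(c.cookies))   # 7 ok 8
```

Running the model shows the two behaviours the reply describes: a lost packet drops the pool to 7 and the next successful exchange tops it back up to 8 with C2S/S2C unchanged, while eight consecutive losses empty the pool and the next poll goes back through NTS-KE, which is the only point at which C2S and S2C change. Rotating K once on the server is invisible to the client (the previous K still opens old cookies); rotating it twice before the client's next successful poll rejects the cookie and forces a fresh NTS-KE.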