Gary said: >> Which ones do you intend to relax? And in any case you don't need a >> whole CA, you can pin a self-signed cert and still do full validation >> on it. > Except we can't. The current NTPsec code does not support any cert > fanciness.
For some value of "any" or "fancy". You can provide a list of trusted certificates. That's how I've been testing with self signed certs. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
