On Sun, Mar 03, 2019 at 10:25:31PM +0100, Achim Gratz via devel wrote:
> Kurt Roeckx via devel writes:
> > I don't see how it can work with the current pool system. You look
> > something up like pool.ntp.org and get some IP addresses. But none
> > of those will have a certificate for pool.ntp.org, so the
> > verification of the certificate will fail.
>
> You will still look up a pool address, just for the NTS-KE of that pool,
> which will have a proper certificate by definition. The NTS-KE will
> then give you back a different NTS server to use. Since this server
> needs to agree on the master key and the initial set of cookies with the
> NTS-KE, if you can successfully communicate with the NTS, it is indeed
> the server that the NTS-KE has assigned to you. No certificate for that
> server is needed.
There currently isn't a protocol defined between the NTP server and the NTS-KE. This would mean that if you want to use it with the pool, such a protocol would need to be defined.

I also don't think NTS is designed for this use case. I'm not sure what the security implications are, but at least hacking the pool then seems like a way to be able to impersonate all servers in the pool.

Kurt
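As an added illustration (not code from the thread or from NTPsec), the following Python model shows the key handoff Achim describes: the NTS-KE, whose certificate the client has already verified (TLS is assumed done and omitted), hands back an assigned server name plus c2s/s2c keys wrapped in a cookie under a master key it shares with that server. The server name, the 32-byte keys and the HMAC-based cookie wrapping are constructed stand-ins for the real TLS-exporter keys and AEAD cookie.

```python
import hmac, hashlib, secrets

def _mac(key, *parts):
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

class NtsKe:
    """NTS-KE after a verified TLS handshake; shares master_key with its NTP server."""
    def __init__(self, ntp_server_name, master_key):
        self.ntp_server_name, self.master_key = ntp_server_name, master_key

    def negotiate(self):
        # Real NTS derives c2s/s2c from the TLS exporter; random bytes stand in here.
        c2s, s2c = secrets.token_bytes(32), secrets.token_bytes(32)
        nonce = secrets.token_bytes(16)
        ks = _mac(self.master_key, b"wrap1", nonce) + _mac(self.master_key, b"wrap2", nonce)
        enc = bytes(a ^ b for a, b in zip(c2s + s2c, ks))      # wrap both keys
        cookie = nonce + enc + _mac(self.master_key, b"cookie", nonce, enc)
        return self.ntp_server_name, c2s, s2c, [cookie]         # "use this server"

class NtpServer:
    def __init__(self, master_key):
        self.master_key = master_key

    def _unwrap(self, cookie):
        nonce, enc, tag = cookie[:16], cookie[16:80], cookie[80:]
        if not hmac.compare_digest(tag, _mac(self.master_key, b"cookie", nonce, enc)):
            return None                                           # not our master key
        ks = _mac(self.master_key, b"wrap1", nonce) + _mac(self.master_key, b"wrap2", nonce)
        keys = bytes(a ^ b for a, b in zip(enc, ks))
        return keys[:32], keys[32:]

    def respond(self, cookie, body, req_tag):
        keys = self._unwrap(cookie)
        if keys is None:
            return None
        c2s, s2c = keys
        if not hmac.compare_digest(req_tag, _mac(c2s, body)):
            return None
        reply = b"time:" + body
        return reply, _mac(s2c, reply)                            # only s2c holder can sign

def client_query(ke, server):
    """True iff the server the KE assigned proves it holds the KE's master key."""
    _name, c2s, s2c, cookies = ke.negotiate()
    body = secrets.token_bytes(8)
    resp = server.respond(cookies[0], body, _mac(c2s, body))
    if resp is None:
        return False
    reply, tag = resp
    return hmac.compare_digest(tag, _mac(s2c, reply))
```

The client never checks a certificate for the assigned server; its only evidence is that the responder could unwrap the cookie, so which server gets accepted is decided entirely by the KE and whoever holds its master key.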