> Which means it's time for a serious on-list conversation about what our next
> major objective beyond wrapping up NTS is.

Other ideas to consider...

Randomize client side ports.  (big messy discussion on IEFT list)

We may want/need servers supporting NTS to support non standard port number, 
probably in addition rather than instead of 123.  That's a hack to bypass 
filtering in various places to prevent the DDoS amplification from ages ago.  
I gather it's not uncommon to filter packets to/from port 123 longer than 48 
bytes which drops NTP packets using NTS.




-- 
These are my opinions.  I hate spam.



_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Reply via email to