Mark Atwood <mark.atw...@ntpsec.org>:
> On Sat, Aug 24, 2019, at 20:54, Eric S. Raymond wrote:
> > Mark Atwood via devel <devel@ntpsec.org>:
> > > > Interesting talk about changing the sampling algorithm to harden NTP
> > > > against time-shift attacks. This is very much on-mission for us and I
> > >
> > > Any updates or thoughts?
> >
> > Daniel seems to think it;s more trouble than it's worth for an atttack that
> > is
> > theoretical and very difficult to pull off.
> >
> > I think there might be some sizzle value in being able to say we have it.
>
> How hard do you think it would be to implement.
>
> Related question, how hard would it be to test?
Implementation, not too hard. 4-5 days maybe.
Testing. That's a tough one. Because the attack is subtle and
difficult, it would be hard to know we were preventing it correctly.
I really don't even know how to estimate this.
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
