On 11/20/19 6:32 AM, Hal Murray via devel wrote: > What is the long term importance of shared keys? (old authentication) Is it > useful/important to have a backup that doesn't use OpenSSL and doesn't depend > on certificates? (we do use their crypto library)
I don't use them, so that biases my opinion. That said, I think it should go away at some point in favor of NTS. However, there are a couple of concerns that I can think of: 1) Shared key authentication does not have the time-based bootstrapping problems relating to certificate validation that NTS does. At a minimum, we need to implement something there. I've made a proposal previously. 2) Important time services (e.g. NIST and the like) supposedly offer shared-key time service. Unless/until they support NTS, it may not be an alternative if people want traceability to official time. -- Richard _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
