> If you want to specify the IP address, just specify the IP address ("server
> 1.2.3.4") and don't bother with a hostname. Specifying an IP instead of a
> hostname has historically been relatively popular with NTP, especially in
> "network devices" (as opposed to "servers").
I'm interested in the case where the NTS-KE server certificate doesn't support
IP addresses.
We could do something that is mostly outside of ntpd, for example setting up a
DNS cache, running a cron job occasionally to keep it up to date. But how do
we access the cache? If there a library that intercepts DNS calls? Does it
work on all the systems we want to support? ... It sounds reasonable, but
complicated.
I was thinking that the name@address format would be easy to implement and
easy to document and understand.
Maybe I should just wait until people update their certificates to include
their IP Address.
--
These are my opinions. I hate spam.
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
