Hal Murray wrote: > What's the right way to think about how security fits into our priorities? > How should we use that to prioritize our work?
Security *should* be the top priority, and it should have a significant influence on the schedule. I, however, don't bucket sort it that way. > Should we split this discussion into NTP and TLS/KE? We should split the conversation roughly that way, as TLS is not our area. > Eric wants to convert our current codebase to Go. In terms of security, how > does that compare with getting our code running on Windows? How do we think > about that sort of trade-off? Windows deployments would likely not go beyond enthusiasts anytime soon if we pulled the code out of mothballs. Fleet deployments would have to go past management which would likely quash it. IIRC the intention was to port it away from C. Go was just the best candidate at the time. Porting to Go would be mildly problematic; TLS1.3 support was absent last I checked, as was packet time-stamping. My strawmen are that instead of doing a straight port to Go. We should port NTPsec in interface-compatible pieces. Initially running in the same process, they could later be separated into different processes which communicate. Each section would have the basics, IPC, statistics, and the following. - the client core would need to run loopy math. - the clock adjuster would need access to the clock. - the server(s) would need packet time-stamping and, if without port forwarding access to port 123. - reference clocks would only need their specific hardware interface. - remote clocks would need packet time-stamping and high ports. If one were ambitious, they could tie into something like a not-bad botnet and be deployed that way. > There is another feature we need. The current code wakes up every second. > That's evil if you want to save battery power. How important are laptops? We should rewrite ntpd/ntp_timer:timer() to sleep until there is something to do rather than waking every second and checking the boredom. I think systemd-timesyncd and chrony probably have the laptop niche cornered at the moment. The correct channel to ask for its' relevance would probably be statistics from downstream or the (undead) ntpsec-users list. > I think we need a script to tell somebody which root CA a site is using. That sounds like a job for OpenSSL. _______________________________________________ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
