I'm working on devel-TODO-NTS. (mostly deleting things)

Currently, if a bad guy hacks or arm-twists a certificate authority, they can sign a certificate that the bad guy can use for a MITM attack.

We can make that a lot harder if we look up the current root certificate that a server is currently using, find that certificate in a system's root cert collection, and add a ca xxx to the server line.

That doesn't take any changes to ntpd. It needs some script hacking. I think the openssl command can handle many of the details.

Is that called pinning? If not, is there a term for it?

Wiki has a page for a related proposal:
  https://en.wikipedia.org/wiki/Certificate_pinning

Is this interesting? Anybody interested in writing that script?

------

There is another tangle with verifying certificates. OCSP

Is that interesting?
  https://en.wikipedia.org/wiki/OCSP

--
These are my opinions. I hate spam.

_______________________________________________
devel mailing list
devel@ntpsec.org
https://lists.ntpsec.org/mailman/listinfo/devel
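
One way the script described in the message above could look, as an added example that is not part of the original post and is not NTPsec code. It assumes roots are stored one per file in CA_DIR, that NTS-KE answers on port 4460 with ALPN ntske/1, and all function names are hypothetical; the match is by distinguished name only.

```shell
#!/bin/sh
# Added example (not NTPsec code). Assumptions: roots live one per file in
# CA_DIR, NTS-KE listens on port 4460, and host names are placeholders.
CA_DIR="${CA_DIR:-/etc/ssl/certs}"

# Print the PEM certificates a server presents during the TLS handshake.
fetch_chain() {   # fetch_chain HOST [PORT]
    openssl s_client -connect "$1:${2:-4460}" -servername "$1" \
        -alpn ntske/1 -showcerts </dev/null 2>/dev/null |
        sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p'
}

# Print the issuer DN of the last certificate in a PEM chain file. That
# issuer names the root (or is the root itself, if the server sends it).
top_issuer() {    # top_issuer CHAIN_FILE
    awk '/-----BEGIN CERTIFICATE-----/ { buf = "" }
         { buf = buf $0 "\n" }
         END { printf "%s", buf }' "$1" |
        openssl x509 -noout -issuer -nameopt RFC2253 2>/dev/null |
        sed 's/^issuer= *//'
}

# Print the first file in CA_DIR whose subject DN equals the chain's top
# issuer. This is a name match only, not a signature check.
find_root() {     # find_root CHAIN_FILE
    want=$(top_issuer "$1")
    [ -n "$want" ] || return 1
    for f in "$CA_DIR"/*; do
        [ -f "$f" ] || continue
        have=$(openssl x509 -in "$f" -noout -subject -nameopt RFC2253 \
                   2>/dev/null | sed 's/^subject= *//')
        if [ "$have" = "$want" ]; then
            printf '%s\n' "$f"
            return 0
        fi
    done
    return 1      # chain does not end in any root from CA_DIR
}

# Print a server line pinned to that root, or fail if none matches.
pinned_line() {   # pinned_line HOST CHAIN_FILE
    root=$(find_root "$2") || { echo "no root found for $1" >&2; return 1; }
    printf 'server %s nts ca %s\n' "$1" "$root"
}
```

To use it against a live server, save the output of fetch_chain to a file and pass that file to pinned_line; rerun it when the server moves to a different CA, since the pinned line will then stop validating.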