On Mon, 30 Mar 2020 at 01:58, Ragnar Sundblad <ra...@kth.se> wrote: > A protocol with varying packet size, as the NTS protected NTP is, > can easily have the bad property of having responses larger than the > requests if not taken care. Don’t you see that?
Why? Why not pad requests to guarantee attenuation vector until authenticity of packets can be verified? MinimaLT does this. I think all UDP based and initial TCP should do it, doing it for existing protocols may not be possible, but why not for new? I proposed similar method for proxy-trace (bidir tracerouting) - https://github.com/ytti/proxy-trace/blob/master/draft-ytti-intarea-proxy-trace.xml#L169 -- ++ytti
