> Only if the cert is not pinned. Pretty much every else I do with certs
> eventually requires pinning. NTPsec will be no different.
Could somebody please give me a lesson on this area?
What is pinning? Why have I not encountered it before?
If ntpsec supported it, what would it look like a
On 3/27/19 6:07 PM, Gary E. Miller via devel wrote:
> On Wed, 27 Mar 2019 15:57:16 -0700
> Hal Murray via devel wrote:
>
>> Richard Laager said:
>>> Does NTS with noval actually buy us anything over plain NTP?
>>
>> It's handy for debugging.
>
> Yes. Otherwise NTPsec could not have reached 1
Yo Sanjeev!
On Thu, 28 Mar 2019 09:30:34 +0800
Sanjeev Gupta wrote:
> Gary, no, I didn't install their cert chain.
Ouch.
I'm on: OpenSSL 1.0.2r
> Do you need access to my host?
Ask Hal, he is working on that code.
scons version 3.0.5 broke the gpsd build. I'm knee deep in that mess.
>
>
Gary, no, I didn't install their cert chain.
Do you need access to my host?
On Thu, Mar 28, 2019, 9:25 AM Gary E. Miller via devel
wrote:
> Yo Sanjeev!
>
> On Thu, 28 Mar 2019 09:16:17 +0800
> Sanjeev Gupta wrote:
>
> > Mine works.
>
> Odd.
>
> > root@ntpmon:~/ntpsec# git describe
> > NTPsec_1
Yo Sanjeev!
On Thu, 28 Mar 2019 09:16:17 +0800
Sanjeev Gupta wrote:
> Mine works.
Odd.
> root@ntpmon:~/ntpsec# git describe
> NTPsec_1_1_3-444-gc4d912883
backup /usr/local/src/NTP/ntpsec # git describe
NTPsec_1_1_3-444-gc4d912883
> root@ntpmon:~/ntpsec# grep ostfalia /etc/ntp.conf
> server -
Yo Hal!
On Wed, 27 Mar 2019 15:57:16 -0700
Hal Murray via devel wrote:
> Richard Laager said:
> > Does NTS with noval actually buy us anything over plain NTP?
>
> It's handy for debugging.
Yes. Otherwise NTPsec could not have reached 100% at the hackathon.
That would have been bad...
> It
Richard Laager said:
> Does NTS with noval actually buy us anything over plain NTP?
It's handy for debugging.
It breaks security if the bad guy can do a MITM.
--
I was thinking along the same lines. Should we have a command line switch,
say "--secure", that requires nts (without nova
> Today's changes broke osfalia.
Something is screwed up. I haven't figured out what.
My test case is:
server204.17.205.23 nts noselect noval # pi3.rellim.com
It's not going through the NTS-KE dance. It will probably be simple after I
find it.
--
These are my opinions. I ha
Yo Richard!
On Wed, 27 Mar 2019 16:23:19 -0500
Richard Laager via devel wrote:
> On 3/26/19 4:27 PM, Gary E. Miller via devel wrote:
> > I added noval, still can not connect:
> >
> > server 204.17.205.23 maxpoll 5 nts noval # pi3
>
> I wonder if we should revisit "noval". I think I originall
On 3/26/19 4:27 PM, Gary E. Miller via devel wrote:
> I added noval, still can not connect:
>
> server 204.17.205.23 maxpoll 5 nts noval # pi3
I wonder if we should revisit "noval". I think I originally argued in
favor of having it, as a standard TLS client knob. But IIRC, Daniel
suggested it was
Yo Udo!
On Wed, 27 Mar 2019 17:39:10 +0100
Udo van den Heuvel via devel wrote:
> Why would ntpsec after a reboot move the pll to values at the edge of
> what I am graphing using mrtg?
I'd love to have someone take a hard look at ntpd startup behavior.
Lot's of odd things going on then.
> Befor
Hello,
Why would ntpsec after a reboot move the pll to values at the edge of
what I am graphing using mrtg?
Before the reboot the pll values were closer to 0.
ntpq> kerninfo
associd=0 status=0428 leap_none, sync_uhf_radio, 2 events, no_sys_peer,
pll offset:92.1357
pll frequency:
12 matches
Mail list logo
