Re: Certificate geekery

2023-12-07 Thread Hal Murray via devel
Thanks.
> If that's a thing you want to do on your system, you can. IMHO, it's not
> something that we particularly need to promote, nor would I find it
> desirable operationally. If my NTP server changes their CA provider, then I
> won't be able to talk to them any more until I take manual actio

Re: Certificate geekery

2023-12-04 Thread Richard Laager via devel
On 2023-12-03 03:22, Hal Murray via devel wrote:
> I'm working on devel-TODO-NTS. (mostly deleting things)
> Currently, if a bad guy hacks or arm-twists a certificate authority, they can sign a certificate that the bad guy can use for a MITM attack.
Yes, that's how the CA ecosystem works. That is