Yo Richard! On Fri, 18 Jan 2019 18:15:51 -0600 Richard Laager via devel <devel@ntpsec.org> wrote:
> > Nothing in there about using anything from the current TLS > > session. > > ...which uses the master_secret, client_random, and server_random from > the TLS session. Let's look at this another way: There is no TLS session between NTP client and NTP server. UDP only. And yet the NTP server must provide a new cookie every client request. Since there is no TLS session, the master key used can not be from the TLS session. Here is another way. If each connection used a different master key, then the NTPD server would need to store state for each client to know what master key to use. Instead the NTPD server just generates a new master key every day or so. RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703 g...@rellim.com Tel:+1 541 382 8588 Veritas liberabit vos. -- Quid est veritas? "If you can’t measure it, you can’t improve it." - Lord Kelvin
pgpqMfj9Qo8F2.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel