On Wed, Jul 08, 2015 at 04:06:50PM +0200, Xavier Bestel wrote: > > I'm (lightly for now) interested in securing the PTP protocol, and just had > a glance at an attempt from Google: > https://tools.ietf.org/html/draft-ietf-ntp-network-time-security-09 > > I'm sure some of you know about it, I'm less sure their solution works > correctly with hardware timestamping (they seem to compute a hash from the > whole packet). Is anybody familiar with this know if it should work ?
Well, a hash over the entire packet will not work with one-step, obviously, unless done in HW. But there is no difficulty when using follow-up messages. I did skim through that draft a while back, and it is hard to see how it would work for PTP. For example, the draft seems to mandate unicast. Anyhow, I would wait and see what, if anything, becomes the standard for secure PTP. After all, there is still is 1588 Annex K... Thanks, Richard ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ Linuxptp-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/linuxptp-devel
