Danny Mayer wrote:
David Schwartz wrote:
"Danny Mayer" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
No it is not a flaw in the protocol design. It would be if it were put
in. The address doesn't belong there, it belongs in the IP header which
the receiving server always gets.
It is a flaw. Its absence requires the receiver to assume that the
origin address of the UDP packet received is the IP address of the sending
server. This assumption may or may not be correct. But if the address were
in there, the assumption would not be needed.
Absolutely not. That would be a layering violation. Verification is done
through key exchange and the MAC section in the NTP packet.
If that is a layering violation, then why do you need to know both the
source and destination address of each NTP packet to authenticate it?
--
blu
"Having them stolen may become our distribution model..."
Nicolas Negroponte on the Hundred Dollar Laptop.
----------------------------------------------------------------------
Brian Utterback - OP/N1 RPE, Sun Microsystems, Inc.
Ph:877-259-7345, Em:brian.utterback-at-ess-you-enn-dot-kom
_______________________________________________
questions mailing list
[email protected]
https://lists.ntp.isc.org/mailman/listinfo/questions
