David,
Not at all to prolong this discussion, but there is a simple test to
determine if multiple addresses belong to the same machine. If a
certificate with public key works and is verified for a number of
addresses, they are all on the same machine and that machine has the
private key. I do the same thing here as you do, trusted with no
authentication and untrusted with authentication. There is a discussion on
secure hierarchical groups on the autokey protocol page and briefing at
the NTP project page.
Dave
David Schwartz wrote:
> "Danny Mayer" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
>> David Schwartz wrote:
>>> For example, suppose I have two servers, A and B. A is talking to a
>>> third server C. I wish to determine if a server B is talking to is that
>>> same server C, or a distinct server, D. How will a session hash help me
>>> do that?
>>>
>>> On the other hand, a public server ID that is globally unique *will*
>>> help me do that. The source IP won't, because a single machine can have
>>> multiple addresses.
>>
>> That's what the refid is for.
>
> I've seen many servers with the same refid. It does not appear to be a
> globally unique server identifier.
>
> DS
_______________________________________________
questions mailing list
[email protected]
https://lists.ntp.isc.org/mailman/listinfo/questions
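
The refid exchange in the quoted thread above, as an added example that is not part of the original messages: it parses the Reference ID field out of NTP server replies and groups servers by it. The packets, the documentation-range addresses and the function names are constructed for illustration.

```python
import struct
from collections import defaultdict
from ipaddress import IPv4Address

NTP_HEADER_LEN = 48  # fixed NTP header: 16 bytes of fields + four 8-byte timestamps

def build_reply(stratum, refid):
    """Constructed server reply (LI=0, VN=4, mode=4); timestamps left zeroed."""
    return struct.pack("!BBbb II 4s 32x", 0x24, stratum, 6, -20, 0, 0, refid)

def parse_refid(packet):
    """Return (stratum, printable refid) from a raw NTP packet."""
    if len(packet) < NTP_HEADER_LEN:
        raise ValueError("short NTP packet")
    stratum = packet[1]
    raw = packet[12:16]  # Reference ID occupies bytes 12..15
    if stratum <= 1:
        # Stratum 1: ASCII name of the reference clock (GPS, PPS, ...).
        # Stratum 0: a kiss code, also ASCII.
        return stratum, raw.rstrip(b"\0").decode("ascii", "replace")
    # Stratum 2+: identifies the upstream source the server is synced to
    # (its IPv4 address; for IPv6 upstreams a hash, shown here in the same form).
    return stratum, str(IPv4Address(raw))

def group_by_refid(replies):
    """Map refid -> list of server addresses that reported it."""
    groups = defaultdict(list)
    for server, packet in replies.items():
        groups[parse_refid(packet)[1]].append(server)
    return dict(groups)

# Constructed sample: four distinct servers, keyed by the address queried.
UPSTREAM = IPv4Address("198.51.100.1").packed
SAMPLE_REPLIES = {
    "192.0.2.10": build_reply(2, UPSTREAM),    # stratum 2, synced to 198.51.100.1
    "192.0.2.20": build_reply(2, UPSTREAM),    # different host, same upstream
    "192.0.2.30": build_reply(1, b"GPS\0"),    # stratum 1 with a GPS clock
    "192.0.2.40": build_reply(1, b"GPS\0"),    # another GPS-disciplined host
}

if __name__ == "__main__":
    for refid, servers in group_by_refid(SAMPLE_REPLIES).items():
        print(f"refid {refid}: {servers}")
```

The refid names the source a server is synchronized to, so servers sharing an upstream or a clock type report the same value.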