> You also have to add a few lines on the NTP server to reject requests without
> certificates.
I expect that just that "simple" feature would eliminate most of the trash.
For a while.
--
These are my opinions. I hate spam.
___
devel mailing
Yo Project Manager via devel!
On Thu, 14 Feb 2019 20:54:06 -0800
"Mark Atwood, Project Manager via devel" wrote:
> How hard would it be to implement, and what does it buy us?
My WAG is under 100 lines of code to implement. The client needs to
send his client cert, and the server needs to chec
> and what does it buy us?
Gary suggested it would allow a server to restrict its clients without having
to know their IP Address.
> How hard would it be to implement
Depends what "it" is.
If the spec is "signed by one of these (root) certs", that's probably only an
evening/weekend. Round
How hard would it be to implement, and what does it buy us?
--
Mark Atwood
http://about.me/markatwood
+1-206-604-2198
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
--
These are my opinions. I hate spam.
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel