Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 24 Apr 2015 09:50:11 +0200
From: Florian Weimer <fweimer@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: tlsdate havoc ahead - default host randomizes
 tls timestamps

On 04/23/2015 05:37 PM, Hanno Böck wrote:

> And there is some work done in the IETF to create a secure version of
> ntp:
> 
> https://tools.ietf.org/html/draft-ietf-ntp-network-time-security-08
> https://tools.ietf.org/html/draft-ietf-ntp-cms-for-nts-message-03
> https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp-00

I've been arguing to replace the custom security protocol they have
invented with DTLS.  The discussion is happening on the IETF NTP working
group mailing list: <http://lists.ntp.org/listinfo/ntpwg>  (Note:
somewhat unusual for IETF lists, it's moderated, for first-time posters
at least.)


-- 
Florian Weimer / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ