Date: Fri, 24 Apr 2015 09:50:11 +0200 From: Florian Weimer <fweimer@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: tlsdate havoc ahead - default host randomizes tls timestamps On 04/23/2015 05:37 PM, Hanno Böck wrote: > And there is some work done in the IETF to create a secure version of > ntp: > > https://tools.ietf.org/html/draft-ietf-ntp-network-time-security-08 > https://tools.ietf.org/html/draft-ietf-ntp-cms-for-nts-message-03 > https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp-00 I've been arguing to replace the custom security protocol they have invented with DTLS. The discussion is happening on the IETF NTP working group mailing list: <http://lists.ntp.org/listinfo/ntpwg> (Note: somewhat unusual for IETF lists, it's moderated, for first-time posters at least.) -- Florian Weimer / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.