NTP Md5 or AutoKey?
Glen Kent
glen.kent at gmail.com
Tue Nov 4 11:11:00 UTC 2008
My original question got drowned amidst all this vibrant discussions!
Do folks already use or plan to use Autokey for NTP?
Glen
On Tue, Nov 4, 2008 at 4:00 PM, <bmanning at vacation.karoshi.com> wrote:
> On Mon, Nov 03, 2008 at 10:23:07PM -0800, Paul Ferguson wrote:
>> On Mon, Nov 3, 2008 at 10:15 PM, Glen Kent <glen.kent at gmail.com> wrote:
>>
>> > Hi,
>> >
>> > I was wondering what most folks use for NTP security?
>> >
>> > Do they use the low cost, light weight symmetric key cryptographic
>> > protection method using MD5 or do folks go in for full digital
>> > signatures and X.509 certificates (AutoKey Security)?
>> >
>>
>> I'm just wondering -- in globak scheme of security issue, is NTP
>> security a major issue?
>>
>> Just curious.
>>
>> - ferg
>
> depends on your POV... in a dns context, TSIG and DNSSEC validation
> depend on accurate time - failure to resolve data because of a time slip
> might be considered a significantissue.
>
> --bill
>
More information about the NANOG
mailing list