NTP Md5 or AutoKey?
glen.kent at gmail.com
Tue Nov 4 05:11:00 CST 2008
My original question got drowned amidst all this vibrant discussions!
Do folks already use or plan to use Autokey for NTP?
On Tue, Nov 4, 2008 at 4:00 PM, <bmanning at vacation.karoshi.com> wrote:
> On Mon, Nov 03, 2008 at 10:23:07PM -0800, Paul Ferguson wrote:
>> On Mon, Nov 3, 2008 at 10:15 PM, Glen Kent <glen.kent at gmail.com> wrote:
>> > Hi,
>> > I was wondering what most folks use for NTP security?
>> > Do they use the low cost, light weight symmetric key cryptographic
>> > protection method using MD5 or do folks go in for full digital
>> > signatures and X.509 certificates (AutoKey Security)?
>> I'm just wondering -- in globak scheme of security issue, is NTP
>> security a major issue?
>> Just curious.
>> - ferg
> depends on your POV... in a dns context, TSIG and DNSSEC validation
> depend on accurate time - failure to resolve data because of a time slip
> might be considered a significantissue.
More information about the NANOG