[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: time resolution (was Re: six-page binary format draft)

To: "Donald E. Eastlake 3rd" <dee@cybercash.com>
Subject: Re: time resolution (was Re: six-page binary format draft)
From: Steven Bellovin <smb@research.att.com>
Date: Tue, 02 Dec 1997 09:32:23 -0500
Cc: Marc Branchaud <marcnarc@xcert.com>, spki@c2.net
Sender: owner-spki@c2.net

	 As I recall the NTP specified security feature depends on shared
	 secret keys with no specified key distribution mechanism.

Yes, but that isn't the point -- NTP's authentication is hop-by-hop,
not end-to-end.  See 

@inproceedings{Bishop-ntp,
        author = {Bishop, Matt},
        title = "A Security Analysis of the {NTP} Protocol",
        booktitle = {Sixth  Annual Computer Security Conference Proceedings},
        address = {Tucson, AZ},
        pages = {20--29},
        year = 1990,
        month = {December},
        url = {ftp://louie.udel.edu/pub/ntp/doc/security.ps.Z}
}

for a more complete analysis.  (As an aside, there's a new draft RFC
on NTP authentication.  I haven't read it yet, and I don't know if it
addresses Bishop's concerns.)

Prev by Date: I-D ACTION:draft-ietf-spki-cert-structure-03.txt
Next by Date: Re: three digital signature models ... for x9.59
Prev by thread: Re: time resolution (was Re: six-page binary format draft)
Next by thread: Re: date format
Index(es):
- Main
- Thread