[ntpwg] Issues with the NTP draft -06
Steve Kostecke
kostecke at ntp.org
Mon Jun 25 14:00:05 UTC 2007
Heiko Gerstung said:
>Steve Kostecke schrieb:
>
>> Heiko Gerstung said:
>>
>>> Using a public host key of the server would work as well. But I do
>>> not see that this helps in preventing loops, the only benefit I
>>> could see is if a server would carry all those unique IDs of all
>>> servers between the stratum 0 source and itself around and pass that
>>> list on to its downstream servers/clients. That would enable us to
>>> provide a "time trail" or a solution to the "traceable" time" stuff.
>>
>> Autokey, when properly configured, provides exactly this capability.
>
>Sounds great, Is there any tool or utility out there that can show me
>the exact trace for an instance of ntpd?
If you're looking for something that will pretty-print the certificate
trail, or shrink-wrap it in a GUI, the answer is no. However all of the
raw data is available.
A snapshot of the certificates held by ntpd are displayed in the 'ntpq
-crv' output (ntpq -c"rv 0 cert" displays just the certificates).
The cryptostats log file provides a log of certificate receipt, etc.
>To: Steve Kostecke <kostecke at ntp.org>
>Cc: ntpwg at support.ntp.org
Please send your replies TO: the list and refrain from CC:ing me.
--
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project http://support.ntp.org/
Public Key at http://support.ntp.org/Users/SteveKostecke
More information about the ntpwg
mailing list