[ntpwg] Stronger symmetric NTP authentication
Bhatia, Manav (Manav)
manav at alcatel-lucent.com
Tue Dec 2 04:22:15 UTC 2008
Dave,
>
> 1. Your suggestion seriously compromises the intended design that the
> extension fields must be validated by the MAC and invites a circular
> deconstruction. The design requires that the packet be
> validated without
> inspection of the extension field contents.
I think we're going in circles now.
It's a trivial implementation tweak to check that if the new
authentication scheme is employed then one of the extension fields would
carry the authentication data. I cant seem to understand how this
affects the core protocol design. We cant always assume that our digest
would only be 16 octets.
Cheers, Manav
More information about the ntpwg
mailing list