Date: Mon, 24 Feb 2014 13:52:27 +0000 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: Joe Holden <lists@rewt.org.uk> Cc: freebsd-current@freebsd.org Subject: Re: ntpd replacement (Was: Re: Import of DragonFly Mail Agent) Message-ID: <45248.1393249947@critter.freebsd.dk> In-Reply-To: <530B2DEE.3030808@rewt.org.uk> References: <20140223211155.GS1699@ithaqua.etoilebsd.net> <CAFY7cWBh0ThajQpK4wZYj0wPrhTL608wtNDQNvOLnryjp4_jCg@mail.gmail.com> <530B13CA.6000005@rewt.org.uk> <33612.1393235765@critter.freebsd.dk> <20140224100036.GA1699@ithaqua.etoilebsd.net> <530B2500.5030608@rewt.org.uk> <37319.1393239415@critter.freebsd.dk> <530B2750.3050200@rewt.org.uk> <20140224110842.GA83610@ithaqua.etoilebsd.net> <530B2953.3030901@rewt.org.uk> <20140224111745.GA13864@roberto-aw.eurocontrol.fr> <530B2C7E.3050208@rewt.org.uk> <530B2DEE.3030808@rewt.org.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <530B2DEE.3030808@rewt.org.uk>, Joe Holden writes: >The other point I should make here is that if you care that much about >time security you shouldn't be contacting ntp servers over 3rd party >networks anyway, at least not without some IP-level >encryption/authentication, or use a source that can't easily be used as >an attack surface, such as GPS/MSF etc. Please check how NTP is authenticated before giving bad advice, it's all in the RFC. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45248.1393249947>