nanog mailing list archives

Re: Question on Loosely Synchronized Router Clocks

From: "Brandon Galbraith" <brandon.galbraith () gmail com>
Date: Thu, 20 Sep 2007 14:41:16 -0500

On 9/20/07, James R. Cutler <james.cutler () consultant com> wrote:


 Kerberos does not assume clock synchronization.
Kerberos requires reasonable clock synchronization.
And, as near as I can tell, clock synchronization is not part of the
Kerberos protocol.

Kick me if I err in this.

        Cutler


http://en.wikipedia.org/wiki/Kerberos_%28protocol%29#Kerberos_drawbacks<http://en.wikipedia.org/wiki/Kerberos_%2528protocol%2529#Kerberos_drawbacks>

"Kerberos requires the clocks of the involved hosts to be synchronized. The
tickets have time availability period and, if the host clock is not
synchronized with the clock of Kerberos server, the authentication will
fail. The default configuration requires that clock times are no more than
10 minutes apart. In practice,
NTP<http://en.wikipedia.org/wiki/Network_Time_Protocol>daemons are
usually employed to keep the host clocks synchronized."

Current thread:

Re: Question on Loosely Synchronized Router Clocks, (continued)
- - - Re: Question on Loosely Synchronized Router Clocks Bora Akyol (Sep 18)
    - Re: Question on Loosely Synchronized Router Clocks Xin Liu (Sep 18)
    - Re: Question on Loosely Synchronized Router Clocks Bora Akyol (Sep 18)
    - Re: Question on Loosely Synchronized Router Clocks Valdis . Kletnieks (Sep 18)
    - Re: Question on Loosely Synchronized Router Clocks Steven M. Bellovin (Sep 18)
    - Re: Question on Loosely Synchronized Router Clocks Adrian Chadd (Sep 18)
    - Re: Question on Loosely Synchronized Router Clocks William Herrin (Sep 18)
    - Re: Question on Loosely Synchronized Router Clocks Stephen Sprunk (Sep 18)
    - Re: Question on Loosely Synchronized Router Clocks Jeff McAdams (Sep 19)
    - Re: Question on Loosely Synchronized Router Clocks James R. Cutler (Sep 20)
    - Re: Question on Loosely Synchronized Router Clocks Brandon Galbraith (Sep 20)
    - Re: Question on Loosely Synchronized Router Clocks Steven M. Bellovin (Sep 20)
    - RE: Question on Loosely Synchronized Router Clocks Buhrmaster, Gary (Sep 20)
    - Re: Question on Loosely Synchronized Router Clocks Janet Sullivan (Sep 17)
    - Re: Question on Loosely Synchronized Router Clocks Robert E. Seastrom (Sep 17)
    - Re: Question on Loosely Synchronized Router Clocks Stephen Sprunk (Sep 18)
    - Re: Question on Loosely Synchronized Router Clocks bmanning (Sep 19)
    - Re: Question on Loosely Synchronized Router Clocks Deepak Jain (Sep 17)
    - Re: Question on Loosely Synchronized Router Clocks Kevin Oberman (Sep 17)
- RE: Question on Loosely Synchronized Router Clocks Eric Lutvak (Sep 17)
- Re: Question on Loosely Synchronized Router Clocks Robert Bonomi (Sep 18)