nanog mailing list archives

Re: NTP Md5 or AutoKey?

From: "Glen Kent" <glen.kent () gmail com>
Date: Tue, 4 Nov 2008 16:41:00 +0530

My original question got drowned amidst all this vibrant discussions!

Do folks already use or plan to use Autokey for NTP?

Glen

On Tue, Nov 4, 2008 at 4:00 PM,  <bmanning () vacation karoshi com> wrote:

On Mon, Nov 03, 2008 at 10:23:07PM -0800, Paul Ferguson wrote:

On Mon, Nov 3, 2008 at 10:15 PM, Glen Kent <glen.kent () gmail com> wrote:

Hi,

I was wondering what most folks use for NTP security?

Do they use the low cost, light weight symmetric key cryptographic
protection method using MD5 or do folks go in for full digital
signatures and X.509 certificates (AutoKey Security)?


I'm just wondering -- in globak scheme of security issue, is NTP
security a major issue?

Just curious.

- ferg


       depends on your POV...  in a dns context, TSIG and DNSSEC validation
       depend on accurate time - failure to resolve data because of a time slip
       might be considered a significantissue.

--bill

Current thread:

Re: NTP Md5 or AutoKey?, (continued)
- - Re: NTP Md5 or AutoKey? Nathan Ward (Nov 03)
    - Re: NTP Md5 or AutoKey? Roland Dobbins (Nov 03)
    - RE: NTP Md5 or AutoKey? Deepak Jain (Nov 05)
  - Re: NTP Md5 or AutoKey? Valdis . Kletnieks (Nov 03)
    - Re: NTP Md5 or AutoKey? Glen Kent (Nov 04)
    - RE: NTP Md5 or AutoKey? Lincoln Dale (Nov 04)
    - RE: NTP Md5 or AutoKey? Tony Finch (Nov 04)
    - Re: NTP Md5 or AutoKey? Kurt Erik Lindqvist (Nov 06)
    - Re: NTP Md5 or AutoKey? Steven M. Bellovin (Nov 04)
  - Re: NTP Md5 or AutoKey? bmanning (Nov 04)
    - Re: NTP Md5 or AutoKey? Glen Kent (Nov 04)
    - Re: NTP Md5 or AutoKey? Ask Bjørn Hansen (Nov 15)
    - Re: NTP Md5 or AutoKey? Joe Greco (Nov 15)
  - Re: NTP Md5 or AutoKey? Kurt Erik Lindqvist (Nov 06)