[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cryptography] Network Time Protocol security

Phillip Hallam-Baker <phill AT hallambaker.com> writes:

>Let us step back and ask what the actual security requirements are. I don't 
>think they are quite the same as what secure-NTP would provide.

Read the linked requirements docs, I think they've covered things pretty well
(almost unheard of for IETF security standards, they've published a 
comprehensive analysis and threat model before designing a solution).  In 
particular the first ref discusses both time-critical and security-critical 
applications, where you need millisecond or better synchronisation and 
protection against possibly quite motivated attackers.

The cryptography mailing list
cryptography AT metzdowd.com