Re: NTP Md5 or AutoKey?

• From: bmanning
• Date: Tue Nov 04 05:30:22 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

On Mon, Nov 03, 2008 at 10:23:07PM -0800, Paul Ferguson wrote:
> On Mon, Nov 3, 2008 at 10:15 PM, Glen Kent <[email protected]> wrote:
> 
> > Hi,
> >
> > I was wondering what most folks use for NTP security?
> >
> > Do they use the low cost, light weight symmetric key cryptographic
> > protection method using MD5 or do folks go in for full digital
> > signatures and X.509 certificates (AutoKey Security)?
> >
> 
> I'm just wondering -- in globak scheme of security issue, is NTP
> security a major issue?
> 
> Just curious.
> 
> - ferg

	depends on your POV...  in a dns context, TSIG and DNSSEC validation
	depend on accurate time - failure to resolve data because of a time slip
	might be considered a significantissue.

--bill

• Follow-Ups:
  • Re: NTP Md5 or AutoKey? Glen Kent

• References:
  • NTP Md5 or AutoKey? Glen Kent
  • Re: NTP Md5 or AutoKey? Paul Ferguson

• Prev by Date: Re: NTP Md5 or AutoKey?
• Next by Date: Re: NTP Md5 or AutoKey?
• Date Index
• Thread Index
• Author Index
• Historical