Re: NTP Md5 or AutoKey?

• From: Glen Kent
• Date: Tue Nov 04 06:11:14 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

My original question got drowned amidst all this vibrant discussions!

Do folks already use or plan to use Autokey for NTP?

Glen

On Tue, Nov 4, 2008 at 4:00 PM,  <[email protected]> wrote:
> On Mon, Nov 03, 2008 at 10:23:07PM -0800, Paul Ferguson wrote:
>> On Mon, Nov 3, 2008 at 10:15 PM, Glen Kent <[email protected]> wrote:
>>
>> > Hi,
>> >
>> > I was wondering what most folks use for NTP security?
>> >
>> > Do they use the low cost, light weight symmetric key cryptographic
>> > protection method using MD5 or do folks go in for full digital
>> > signatures and X.509 certificates (AutoKey Security)?
>> >
>>
>> I'm just wondering -- in globak scheme of security issue, is NTP
>> security a major issue?
>>
>> Just curious.
>>
>> - ferg
>
>        depends on your POV...  in a dns context, TSIG and DNSSEC validation
>        depend on accurate time - failure to resolve data because of a time slip
>        might be considered a significantissue.
>
> --bill
>

• Follow-Ups:
  • Re: NTP Md5 or AutoKey? Ask Bjørn Hansen

• References:
  • NTP Md5 or AutoKey? Glen Kent
  • Re: NTP Md5 or AutoKey? Paul Ferguson
  • Re: NTP Md5 or AutoKey? bmanning

• Prev by Date: Re: NTP Md5 or AutoKey?
• Next by Date: Re: L2tp for DSL
• Date Index
• Thread Index
• Author Index
• Historical