[pkg-ntp-maintainers] Bug#687166: Bug#687166: ntp: NTP security vulnerability because not using authentication by default
Ask Bjørn Hansen
ask at ntppool.org
Mon Sep 10 21:06:52 UTC 2012
Hi Kurt,
Of course you are right. DNSSEC will help a different use case.
That leaves us the first problem of the keys having to be secret which is impossible if "random servers" are hosting them.
If the Debian project had a set of servers with autokey configured that should be used for ntp.debian.org or auth.debian.pool.ntp.org or some such then we could setup the NTP Pool system to do the monitoring and DNS for those.
Ask
More information about the pkg-ntp-maintainers
mailing list