[LEAPSECS] stale leap second information
Harlan Stenn
stenn at ntp.org
Fri Jan 16 17:19:49 EST 2015
Warner Losh writes:
> ... Clients can use them to sort out source of truth to determine the
> truthiness of a given NTP servers information.
>
> It will also allow you to leverage DNSSEC to get all the security
> inherent in that. Oh wait :)
DNSSEC needs accurate time (just to state what I expect is obvious).
> Or you could sign the data with a public key that BIPM could publish
> so the data can be validated as authentic, though that only works if
> there's a convention for getting the signature for some
> canonical representation of the data.
All of this goes to the apparent lack of OS support for what should be
done when the time "steps" - those sort of events could be reason to
re-evaluate a significant class of timer events, which includes the need
to re-evaluate trust certificates, which may cause a reload of DNS and
other prior vetted information.
--
Harlan Stenn <stenn at ntp.org>
http://networktimefoundation.org - be a member!
More information about the LEAPSECS
mailing list