On 11/26/2014 10:09 AM, Miroslav Lichvar wrote:
We still do. Unless the number of bad servers added from DHCP is large
enough to disrupt the NTP source selection algorithm or the pool
servers are not reachable (NTP traffic blocked), it shouldn't be a big
problem. Of course, without authentication this can't reliably protect
against MITM attacks.
Do we even use the DHCP NTP server assignment?
I was more worried about 123/UDP interception (which makes kind of sense
to improve NTP accuracy, but can of course turn out to be quite wrong).
I think Florian meant getting time over HTTPS from a Fedora server.
Yes, there are various places where the server time is included under
cryptographic protection. We'd have to hard-code the certificate,
though, because we cannot do PKIX validation without system time
information.
--
Florian Weimer / Red Hat Product Security
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct