NTP Md5 or AutoKey?

Date: Mon, 3 Nov 2008 22:23:07 -0800
From: "Paul Ferguson" <fergdawgster@gmail.com>

> Hi,
> I was wondering what most folks use for NTP security?
> Do they use the low cost, light weight symmetric key cryptographic
> protection method using MD5 or do folks go in for full digital
> signatures and X.509 certificates (AutoKey Security)?

I'm just wondering -- in globak scheme of security issue, is NTP
security a major issue?

Just curious.

It's probably not a "major issue", but forged NTP data can, in theory,
be used to allow the implementation of replay attacks. I'll admit I have
never heard of a real-world case.

So, can i safely assume that nobody deployes Autokey security for NTP
and the best that one does right now is by using the cryptographic
authentication provided in the base spec of NTPv4.