Date: Mon, 3 Nov 2008 22:23:07 -0800
From: "Paul Ferguson" <fergdawgster@gmail.com>> Hi,
>
> I was wondering what most folks use for NTP security?
>
> Do they use the low cost, light weight symmetric key cryptographic
> protection method using MD5 or do folks go in for full digital
> signatures and X.509 certificates (AutoKey Security)?
>I'm just wondering -- in globak scheme of security issue, is NTP
security a major issue?Just curious.
It's probably not a "major issue", but forged NTP data can, in theory,
be used to allow the implementation of replay attacks. I'll admit I have
never heard of a real-world case.