From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from MAIL1.WPI.EDU (MAIL1.WPI.EDU [130.215.36.91]) by huchra.bufferbloat.net (Postfix) with ESMTP id 3716421F206 for ; Mon, 24 Mar 2014 05:29:19 -0700 (PDT) Received: from MAIL1.WPI.EDU (MAIL1.WPI.EDU [130.215.36.91]) by MAIL1.WPI.EDU (8.14.8/8.14.7) with ESMTP id s2OCTIht019124 for ; Mon, 24 Mar 2014 08:29:18 -0400 X-DKIM: Sendmail DKIM Filter v2.8.3 MAIL1.WPI.EDU s2OCTIht019124 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wpi.edu; s=_dkim; t=1395664158; bh=CixTtUSbaAOLX1MGvQ1ZgJGP30Jqx+yvzJM/tjnYiZY=; h=Date:From:To:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Transfer-Encoding:In-Reply-To; b=JR/HHf22u4tpHxUJ2yoi0p0mBgm+IOBnFwakeFTA928vgIKOREDLrDvZ3BxQUcfau Xr+Yh/k0NXMLFnnwSTeTX2mm0C4crVMgm6j93h1fDYBNVla99EvgHXoDwctCW68hKk Tcg2Wz5vhHa0f7Q37KvaftZ4Kao95Z5zj9cevC1c= Received: from mx1.wpi.edu (mx1.wpi.edu [130.215.36.141]) by MAIL1.WPI.EDU (8.14.8/8.14.8) with ESMTP id s2OCTICW019121 for ; Mon, 24 Mar 2014 08:29:18 -0400 Received: from angus.ind.WPI.EDU (ANGUS.IND.WPI.EDU [130.215.130.21]) by mx1.wpi.edu (8.14.4/8.14.4) with ESMTP id s2OCTHpe020614 for ; Mon, 24 Mar 2014 08:29:17 -0400 (envelope-from cra@WPI.EDU) Received: from angus.ind.WPI.EDU (localhost [127.0.0.1]) by angus.ind.WPI.EDU (8.14.4/8.14.4) with ESMTP id s2OCTGZG023098 for ; Mon, 24 Mar 2014 08:29:16 -0400 Received: (from cra@localhost) by angus.ind.WPI.EDU (8.14.4/8.14.4/Submit) id s2OCTGH5023097 for cerowrt-devel@lists.bufferbloat.net; Mon, 24 Mar 2014 08:29:16 -0400 X-Authentication-Warning: angus.ind.WPI.EDU: cra set sender to cra@WPI.EDU using -f Date: Mon, 24 Mar 2014 08:29:16 -0400 From: Chuck Anderson To: cerowrt-devel@lists.bufferbloat.net Message-ID: <20140324122915.GP7867@angus.ind.WPI.EDU> Mail-Followup-To: cerowrt-devel@lists.bufferbloat.net References: <8738i9rwrx.fsf@alrua-x1.karlstad.toke.dk> <12727.1395614516@sandelman.ca> <87txanj4sz.fsf@alrua-x1.karlstad.toke.dk> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <87txanj4sz.fsf@alrua-x1.karlstad.toke.dk> User-Agent: Mutt/1.5.20 (2009-12-10) Subject: Re: [Cerowrt-devel] DNSSEC & NTP Bootstrapping X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Mar 2014 12:29:19 -0000 On Mon, Mar 24, 2014 at 10:59:08AM +0100, Toke Høiland-Jørgensen wrote: > Aaron Wood writes: > > > That would scale well for CeroWRT, but doesn't seem like it would > > scale well for general-use (OpenWRT). Or rather, the use of > > bufferbloat.net wouldn't scale well. But OpenWRT might be able to do > > the same with it's key, and have it's own ntp.openwrt.org which > > resolves into the general ntp pool. > > Would this "caching of the key" be akin to distributing an extra trust > anchor with the key of the domain in question? And would the gain of > doing this be sufficient to warrant the extra complexity (as opposed to > just caching the IP address of one or more NTP servers)? How about writing an RFC to define a well-known NTP anycast address and using that as a fallback? This is a problem that needs to be solved for the larger internet community, not just CeroWRT/OpenWRT.