[Cerowrt-devel] DNSSEC & NTP Bootstrapping
toke at toke.dk
Mon Mar 24 05:59:08 EDT 2014
Aaron Wood <woody77 at gmail.com> writes:
> That would scale well for CeroWRT, but doesn't seem like it would
> scale well for general-use (OpenWRT). Or rather, the use of
> bufferbloat.net wouldn't scale well. But OpenWRT might be able to do
> the same with it's key, and have it's own ntp.openwrt.org which
> resolves into the general ntp pool.
Would this "caching of the key" be akin to distributing an extra trust
anchor with the key of the domain in question? And would the gain of
doing this be sufficient to warrant the extra complexity (as opposed to
just caching the IP address of one or more NTP servers)?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 489 bytes
Desc: not available
More information about the Cerowrt-devel