Re: [chrony-dev] Experimental NTS support

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]


On 2019-03-27T14:31+0100, Miroslav Lichvar wrote:
On Wed, Mar 27, 2019 at 08:23:13AM -0500, Lonnie Abelbeck wrote:


> On Mar 27, 2019, at 6:22 AM, Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:
>
> I've been working on an implementation of the new NTP public-key
> authentication called Network Time Security (NTS). Its specification
> will hopefully be finalized in near future.
-snip-
> Nettle and gnutls development files are needed to build chrony with
> NTS support.

Hi Miroslav,

Will OpenSSL (instead of nettle and gnutls) also be supported down the road ?

Probably not. The license of OpenSSL is not compatible with chrony's
licensing (GPLv2). Do you see any issues with gnutls?

I must admit CVE-2020-13777 [1] has cooled me down a lot about GnuTLS. OpenSSL 3.0 (currently in alpha stage) will use the Apache License 2.0 which isn’t compatible with the GPLv2. Sigh, what a mess!


[1] https://gitlab.com/gnutls/gnutls/-/issues/1011

Attachment: signature.asc
Description: PGP signature



Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/