Re: [chrony-dev] Experimental NTS support

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]

To: chrony-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [chrony-dev] Experimental NTS support
From: Vincent Blut <vincent.debian@xxxxxxx>
Date: Tue, 9 Jun 2020 00:21:41 +0200

On 2019-03-27T14:31+0100, Miroslav Lichvar wrote:

On Wed, Mar 27, 2019 at 08:23:13AM -0500, Lonnie Abelbeck wrote:



> On Mar 27, 2019, at 6:22 AM, Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote:
>
> I've been working on an implementation of the new NTP public-key
> authentication called Network Time Security (NTS). Its specification
> will hopefully be finalized in near future.
-snip-
> Nettle and gnutls development files are needed to build chrony with
> NTS support.

Hi Miroslav,

Will OpenSSL (instead of nettle and gnutls) also be supported down the road ?


Probably not. The license of OpenSSL is not compatible with chrony's
licensing (GPLv2). Do you see any issues with gnutls?

I must admit CVE-2020-13777 [1] has cooled me down a lot about GnuTLS.OpenSSL 3.0 (currently in alpha stage) will use the Apache License 2.0which isn’t compatible with the GPLv2. Sigh, what a mess!



[1] https://gitlab.com/gnutls/gnutls/-/issues/1011

Attachment: signature.asc
Description: PGP signature

Follow-Ups:
- Re: [chrony-dev] Experimental NTS support
  - From: Miroslav Lichvar

Messages sorted by: [ date | thread ]
Prev by Date: Re: [chrony-dev] Compiling tests on macOS X
Next by Date: Re: [chrony-dev] Experimental NTS support
Previous by thread: Re: [chrony-dev] Compiling tests on macOS X
Next by thread: Re: [chrony-dev] Experimental NTS support

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/