cc706b50b9
If AES-128-GCM-SIV is available on the client, add it to the requested algorithms in NTS-KE as the first (preferred) entry. If supported on the server, it will make the cookies shorter, which will get the length of NTP messages containing only one cookie below 200 octets. This should make NTS more reliable in networks where longer NTP packets are filtered as a mitigation against amplification attacks exploiting the ntpd mode 6/7 protocol. |
||
|---|---|---|
| .. | ||
| compilation | ||
| kernel | ||
| simulation | ||
| system | ||
| unit | ||