RFC 5906

Network Time Protocol Version 4: Autokey Specification, June 2010

Canonical URL: https://www.rfc-editor.org/rfc/rfc5906.txt
File formats: Plain Text, PDF
Status: INFORMATIONAL
Authors: B. Haberman, Ed.; D. Mills
Stream: IETF
Source: ntp (int)

DOI:  http://dx.doi.org/10.17487/RFC5906

Discuss this RFC: Send questions or comments to ntpwg@lists.ntp.org


Abstract

This memo describes the Autokey security model for authenticating servers to clients using the Network Time Protocol (NTP) and public key cryptography. Its design is based on the premise that IPsec schemes cannot be adopted intact, since that would preclude stateless servers and severely compromise timekeeping accuracy. In addition, Public Key Infrastructure (PKI) schemes presume authenticated time values are always available to enforce certificate lifetimes; however, cryptographically verified timestamps require interaction between the timekeeping and authentication functions. This memo includes the Autokey requirements analysis, design principles, and protocol specification. A detailed description of the protocol states, events, and transition functions is included. A prototype of the Autokey design based on this memo has been implemented, tested, and documented in the NTP version 4 (NTPv4) software distribution for the Unix, Windows, and Virtual Memory System (VMS) operating systems at http://www.ntp.org. This document is not an Internet Standards Track specification; it is published for informational purposes.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.

