{"draft":"draft-ietf-ntp-autokey-08","doc_id":"RFC5906","title":"Network Time Protocol Version 4: Autokey Specification","authors":["B. Haberman, Ed.","D. Mills"],"format":["ASCII","HTML"],"page_count":"58","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Network Time Protocols","abstract":"This memo describes the Autokey security model for authenticating\r\nservers to clients using the Network Time Protocol (NTP) and public\r\nkey cryptography.  Its design is based on the premise that IPsec\r\nschemes cannot be adopted intact, since that would preclude stateless\r\nservers and severely compromise timekeeping accuracy.  In addition,\r\nPublic Key Infrastructure (PKI) schemes presume authenticated time\r\nvalues are always available to enforce certificate lifetimes;\r\nhowever, cryptographically verified timestamps require interaction\r\nbetween the timekeeping and authentication functions.\r\n\r\nThis memo includes the Autokey requirements analysis, design\r\nprinciples, and protocol specification.  A detailed description of\r\nthe protocol states, events, and transition functions is included.  A\r\nprototype of the Autokey design based on this memo has been\r\nimplemented, tested, and documented in the NTP version 4 (NTPv4)\r\nsoftware distribution for the Unix, Windows, and Virtual Memory\r\nSystem (VMS) operating systems at http:\/\/www.ntp.org.  This \r\ndocument is not an Internet Standards Track specification; it is\r\npublished for informational purposes.","pub_date":"June 2010","keywords":["ntp","ntpv4","public key cryptography"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5906","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc5906"}