Re: Need trusted NTP Sources

[Mark Milhollan <mlm () pixelgate net>]

On Thu, 6 Feb 2014, Notify Me wrote:

> According to the auditors, "trusted" means
>
> 1. Universities or Research facilities (nuclear/atomic facilities,
> space research (such as NASA) etc.)
> 2. Main country internet/telecom providers
> 3. Government departments
> 4. Satellites (using GPS module)
>
> Which is a bit of a tall order over here.

In general you should probably be asking <news:comp.protocols.time.ntp>.

You could run your own NTP server using GPS as its reference clock (#4), 
at least I don't think it would be impossible for you to obtain such a 
device.  But not cheap either.  But then RHEL and an audit suggest you 
have some money to spend.  You might even build your own using ntpd and 
a receiver, e.g., GNSS.  See 
<http://www.eecis.udel.edu/~mills/ntp/index.html> for more information.

Some stratum 1 or 2 servers (which are generally run by entities 1 thru 
3 from your list) may allow you to obtain time (perhaps using crypto), 
but of course you'd need to contact them directly.  ntp.org has a list: 
<http://support.ntp.org/bin/view/Servers/WebHome>.

Generally speaking, you'll need at least 3 sources if you want stablity.


Mark