Re: NTP Sync Issue Across Tata (Europe)

[Rubens Kuhl <rubensk () gmail com>]

So little deployment that has 3500 occurrences according to shodan.io.
With such few choices, It should be hard to find suitable options.

Rubens




Em ter., 8 de ago. de 2023 13:02, Mel Beckman <mel () beckman org> escreveu:

> I’m familiar with NTS, which is pointedly not NTP.  That’s like saying
> “TCP port 80 can be made secure,: just use a VPN!” Perhaps when NTS is
> widely deployed it will be an option. As the RFC was only approved in 2020,
> that will probably take a decade. Or more. (I’m talking about you, IPv6 :)
> Not to mention the complexity or NTS for hardware implementation in network
> elements, a primary application (https://tinyurl.com/ntsishard).
>
>  -mel
>
> > On Aug 8, 2023, at 8:26 AM, Rubens Kuhl <rubensk () gmail com> wrote:
> >
> > On Tue, Aug 8, 2023 at 12:12 PM Mel Beckman <mel () beckman org> wrote:
> > > Until the Internet NTP network can be made secure, no.
> >
> > Internet NTP can be made secure, it's called NTS.
> > https://developers.cloudflare.com/time-services/nts/ describes it with
> > links to the RFC, and describes one of the many NTP servers that is
> > available with NTS, time.cloudflare.com. I already mentioned 5 others,
> > and there are many more than those 6.
> >
> >
> > Rubens