Re: NTP Sync Issue Across Tata (Europe)

[Mel Beckman <mel () beckman org>]

Go for it. I’m sure NTS’ complexity clocks lots of hours for expensive consultants :)

Me, I’m sticking with GPS.)

-mel via cell

On Aug 8, 2023, at 11:34 AM, Rubens Kuhl <rubensk () gmail com> wrote:


So little deployment that has 3500 occurrences according to shodan.io<http://shodan.io>.  With such few choices, It 
should be hard to find suitable options.

Rubens




Em ter., 8 de ago. de 2023 13:02, Mel Beckman <mel () beckman org<mailto:mel () beckman org>> escreveu:
I’m familiar with NTS, which is pointedly not NTP.  That’s like saying “TCP port 80 can be made secure,: just use a 
VPN!” Perhaps when NTS is widely deployed it will be an option. As the RFC was only approved in 2020, that will 
probably take a decade. Or more. (I’m talking about you, IPv6 :) Not to mention the complexity or NTS for hardware 
implementation in network elements, a primary application (https://tinyurl.com/ntsishard).

 -mel

> On Aug 8, 2023, at 8:26 AM, Rubens Kuhl <rubensk () gmail com<mailto:rubensk () gmail com>> wrote:
>
> On Tue, Aug 8, 2023 at 12:12 PM Mel Beckman <mel () beckman org<mailto:mel () beckman org>> wrote:
> > Until the Internet NTP network can be made secure, no.
>
> Internet NTP can be made secure, it's called NTS.
> https://developers.cloudflare.com/time-services/nts/ describes it with
> links to the RFC, and describes one of the many NTP servers that is
> available with NTS, time.cloudflare.com<http://time.cloudflare.com>. I already mentioned 5 others,
> and there are many more than those 6.
>
>
> Rubens