Re: ntpdate(8) and unbound(8) dependencies during boot

On Sun, Oct 11, 2020 at 12:04:19PM -0400, Greg Troxel wrote:
> I think reasonable is in the eye of the beholder, balancing the security
> goodness from tight replay protection and the pain of trouble when the
> clock is wrong.

Clearly in such a setup (ntpd enabled, DNSSEC used) the default should
switch when ntpd syncs.

Up to that moment the limit could depend on the hardware having a reasonable
RTC, but I guess it could be reasonably forgiving (that is: high offset
in all directions allowed).

Once ntpd has synced, the limit should be relatively small, I'd call 24 hours
way too large.

But this gets us into systemd territory, and sounds like an overengineered
solution already - and then I don't even want to start thinking about what
happens when ntpd loses sync.

However, this may be a good topic for a new best practices RFC.
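
The two-phase limit discussed in this message, sketched as an added example (not part of the original post and not code from unbound or ntpd). The function names, the sample timestamps and both tolerance values are assumptions chosen for illustration.

```python
# Clock-skew tolerance for DNSSEC signature validity that tightens once
# the system clock is NTP-synchronised. Values below are assumptions,
# not defaults of any resolver.

PRE_SYNC_SKEW = 10 * 365 * 86400   # assumed: forgiving while only the RTC is known
POST_SYNC_SKEW = 3600              # assumed: well under 24 hours once synced


def serial_diff(a, b):
    """Signed a - b in 32-bit serial arithmetic (RFC 1982), which is how
    RRSIG inception/expiration are compared (RFC 4034, section 3.1.5)."""
    d = (a - b) & 0xFFFFFFFF
    return d - 0x100000000 if d >= 0x80000000 else d


def signature_time_ok(now, inception, expiration, clock_synced):
    """Return True if 'now' lies inside the signature validity window,
    widened in both directions by the skew allowed for the clock state."""
    skew = POST_SYNC_SKEW if clock_synced else PRE_SYNC_SKEW
    if serial_diff(expiration, inception) < 0:
        return False  # malformed window: expires before it starts
    not_yet_valid = serial_diff(inception, now) > skew
    expired = serial_diff(now, expiration) > skew
    return not (not_yet_valid or expired)


# Constructed sample window: 14 days long.
INCEPTION = 1601856000
EXPIRATION = INCEPTION + 14 * 86400

# Constructed clock readings.
RTC_YEARS_BEHIND = 1514764800          # RTC far in the past at boot
INSIDE_WINDOW = INCEPTION + 5 * 86400  # correct time
STALE_BY_3_DAYS = EXPIRATION + 3 * 86400

if __name__ == "__main__":
    for label, now in [("rtc far behind", RTC_YEARS_BEHIND),
                       ("inside window", INSIDE_WINDOW),
                       ("expired 3 days ago", STALE_BY_3_DAYS)]:
        for synced in (False, True):
            ok = signature_time_ok(now, INCEPTION, EXPIRATION, synced)
            print(f"{label:20} synced={synced!s:5} accepted={ok}")
```

The last sample shows the trade-off from the quoted text: a signature that expired three days ago is still accepted before sync and rejected after it.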


