NetBSD-Users archive


Re: ntpdate(8) and unbound(8) dependencies during boot



On Fri, 16 Oct 2020 11:46:31 -0700
Jordan Geoghegan <jordan%geoghegan.ca@localhost> wrote:

> Not exactly, there are no NTP servers running over HTTP, it's a
> similar concept to the tlsdate util [1].

OK, but you still need to connect to some server, be it NTP or HTTPS, in
order to get the initial time. If you can't rely on DNS (and you don't
want to dynamically modify the DNS server/resolver config to ignore clock
skew), then you still have to hard-code an IP address somewhere. This was
one of the objections raised by some people on this list, as they
didn't want to use an IP address for some reason.

In this case, why bother with HTTPS when you could use an IP address for a
real NTP server? NTP security is currently being addressed with the NTS
(Network Time Security) protocol extensions:

https://blog.cloudflare.com/secure-time/
https://blog.apnic.net/2019/11/08/network-time-security-new-ntp-authentication-mechanism/

NetBSD (and others) need an NTS-capable client as part of the base OS, and
then people like CloudFlare need to provide NTS-capable time servers
(which they may already do) via stable IP addresses that never change,
similar to their DNS servers.

NTS is still at the draft stage, but this is probably the best
purpose-built solution for authenticating (and not necessarily encrypting)
NTP traffic.
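As an added illustration (not part of the thread or of any NetBSD code): a minimal SNTP client in Python that addresses the time server by IP literal, so it works before DNS is usable as the post argues, and applies the RFC 5905 offset and round-trip delay formula to the reply. It also rejects stratum-0 kiss-o'-death replies. The `fake_reply` helper builds a constructed server packet for offline checking, not output captured from a real server; NTS authentication is not included.

```python
import socket
import struct
import time

NTP_EPOCH_OFFSET = 2208988800      # seconds from 1900-01-01 (NTP era 0) to 1970-01-01
NTP_HDR = "!BBBb11I"               # 48-byte NTP header layout, RFC 5905 section 7.3

def to_ntp(unix_ts):
    """Unix seconds (float) -> 64-bit NTP timestamp as (seconds, fraction)."""
    secs = int(unix_ts)
    return secs + NTP_EPOCH_OFFSET, int((unix_ts - secs) * (1 << 32))

def from_ntp(secs, frac):
    """64-bit NTP timestamp -> Unix seconds (float)."""
    return secs - NTP_EPOCH_OFFSET + frac / (1 << 32)

def build_request(t1):
    """Mode 3 (client) request, LI=0 VN=4, with only the transmit timestamp set."""
    xs, xf = to_ntp(t1)
    return struct.pack(NTP_HDR, 0x23, 0, 0, 0, *([0] * 9), xs, xf)

def parse_reply(pkt, t1, t4):
    """Return (offset, delay) per RFC 5905 section 8; t1/t4 = client send/receive time."""
    if len(pkt) < 48:
        raise ValueError("short NTP packet")
    f = struct.unpack(NTP_HDR, pkt[:48])
    if f[0] & 0x7 != 4:
        raise ValueError("not a server reply (mode %d)" % (f[0] & 0x7))
    if f[1] == 0:   # stratum 0 reply = kiss-o'-death; refid carries an ASCII code (RATE, DENY, ...)
        raise ValueError("kiss-o'-death: %s" % struct.pack("!I", f[6]).decode("ascii", "replace"))
    t2 = from_ntp(f[11], f[12])      # server receive timestamp
    t3 = from_ntp(f[13], f[14])      # server transmit timestamp
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay

def query(ip_literal, timeout=2.0):
    """One SNTP exchange with a server given as an IP literal, so no DNS lookup is needed."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        t1 = time.time()
        s.sendto(build_request(t1), (ip_literal, 123))
        pkt, _ = s.recvfrom(48)
        return parse_reply(pkt, t1, time.time())

def fake_reply(t2, t3, stratum=2, refid=0):
    # Constructed mode-4 server reply for offline testing; not a captured packet.
    rs, rf = to_ntp(t2)
    xs, xf = to_ntp(t3)
    return struct.pack(NTP_HDR, 0x24, stratum, 0, 0, 0, 0, refid, 0, 0, 0, 0, rs, rf, xs, xf)
```

`query("192.0.2.1")` (a documentation address, substitute a real server) returns the clock offset to apply and the path delay; a large offset at boot is exactly the condition under which DNSSEC-validating resolvers would otherwise fail.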

