NTP, the Network Time Protocol, is the way most computers and mobile devices obtain their time through. NTS (Network Time Security) is to NTP what HTTPS is to HTTP. It also is as easy to upgrade as upgrading to HTTPS is these days: No effort for the client, just adding a certificate for the server. […]
Debugging is hard, debugging security protocols doubly so. And there are not many tools and how-to’s availabe for NTS yet. So, here’s a (short) list of NTS problems I have seen and some tricks for debugging them.
Good news is that NTS relies on DNS names, no longer „naked“ IP addresses. But what happens when the DNS name changes, pointing to a different IP address? A look at the protocol, the Chrony source, and the implications.
The choice of Network Time Protocol (NTP) servers supporting NTS is still very limited. Here is some advice to get it to run smooth and trustworty.