- Cloudflare have very good adjacency (if PCH did anycast ntp, we'd use it)
- As ntp input, it is great they don't leapsmear
- Not all their nodes do ntp, hope they succeed at scaling that up
- ntpd constrains (un-auth) ntp packets within a TLS constraint window
so there is no downside (unlike pool.ntp entries which slowly decay
but that's a story for another commit..)
ok otto
constraint to keep them in check. in the worst case of being on a
dark net, nothing changes.
this is being enabled by default to allow gathering of more operational
information from users. and if the operational heuristics in ntpd can be
suitably refined, this may stay the default into the future. if not, ntpd
will become even more awesome along the way.
with reyk rpe
time from HTTPS servers, by parsing the Date: header, and use the
median constraint time as a boundary to verify NTP responses. This
adds some level of authentication and protection against MITM attacks
while preserving the accuracy of the NTP protocol; without relying on
authentication options for NTP that are basically unavailable at
present. This is an initial implementation and the semantics will be
improved once it is in the tree.
Discussed with deraadt@ and henning@
OK henning@
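
The constraint check described in the commit message above, sketched as an added Python example; it is not code from the commit or from ntpd. The 120-second margin, the function names and the sample responses are assumptions constructed for illustration.

```python
# Added illustration (constructed; not ntpd source code).
from email.utils import parsedate_to_datetime
from statistics import median

MARGIN_SECONDS = 120.0  # assumed tolerance around the constraint, not from the page

# Constructed HTTPS response headers: two agreeing servers, one far-off clock,
# and one reply that carries no Date: header at all.
SAMPLE_RESPONSES = [
    "HTTP/1.1 200 OK\r\nDate: Tue, 24 Sep 2019 10:00:00 GMT\r\n\r\n",
    "HTTP/1.1 200 OK\r\ndate: Tue, 24 Sep 2019 10:00:01 GMT\r\n\r\n",
    "HTTP/1.1 200 OK\r\nDate: Mon, 01 Jan 2035 00:00:00 GMT\r\n\r\n",
    "HTTP/1.1 204 No Content\r\nServer: example\r\n\r\n",
]


def date_header_epoch(raw_headers):
    """Return the Date: header of one response as a Unix timestamp, or None."""
    for line in raw_headers.split("\r\n")[1:]:  # skip the status line
        if not line:  # blank line ends the header block
            break
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "date":
            try:
                parsed = parsedate_to_datetime(value.strip())
            except (TypeError, ValueError):
                return None
            # A date without a usable zone cannot serve as a constraint.
            return parsed.timestamp() if parsed.tzinfo else None
    return None


def constraint_median(responses):
    """Median of the usable constraint times, or None if no server gave one."""
    times = [t for t in map(date_header_epoch, responses) if t is not None]
    return median(times) if times else None


def ntp_reply_acceptable(ntp_time, constraint, margin=MARGIN_SECONDS):
    """Accept an unauthenticated NTP time only if it falls near the constraint."""
    if constraint is None:  # no constraint obtained: NTP is used as before
        return True
    return abs(ntp_time - constraint) <= margin
```

Taking the median means the single far-off server in the sample does not move the boundary, while sub-second accuracy still comes from the NTP reply itself.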
- move it from BIN1 to EXAMPLES in src/etc/Makefile
- change the installer to create the file instead of editing it
- add a '+' to the corresponding changelist entry
suggested by and OK deraadt@
OK for the installer change krw@