Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 24 Feb 2014 11:33:02 +0000
From:      Joe Holden <lists@rewt.org.uk>
To:        freebsd-current@freebsd.org
Subject:   Re: ntpd replacement (Was: Re: Import of DragonFly Mail Agent)
Message-ID:  <530B2DEE.3030808@rewt.org.uk>
In-Reply-To: <530B2C7E.3050208@rewt.org.uk>
References:  <20140223211155.GS1699@ithaqua.etoilebsd.net> <CAFY7cWBh0ThajQpK4wZYj0wPrhTL608wtNDQNvOLnryjp4_jCg@mail.gmail.com> <530B13CA.6000005@rewt.org.uk> <33612.1393235765@critter.freebsd.dk> <20140224100036.GA1699@ithaqua.etoilebsd.net> <530B2500.5030608@rewt.org.uk> <37319.1393239415@critter.freebsd.dk> <530B2750.3050200@rewt.org.uk> <20140224110842.GA83610@ithaqua.etoilebsd.net> <530B2953.3030901@rewt.org.uk> <20140224111745.GA13864@roberto-aw.eurocontrol.fr> <530B2C7E.3050208@rewt.org.uk>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 24/02/2014 11:26, Joe Holden wrote:
> On 24/02/2014 11:18, Ollivier Robert wrote:
>> According to Joe Holden on Mon, Feb 24, 2014 at 11:13:23AM +0000:
>>> hm, I can't say I have noticed this as being a problem where I've
>>> used it, are there any scenarios where this is a showstopper?
>>
>> Non-support for auth is a concern, lack of NTPv4 protocol support is
>> another.  Base ntpd also include SNTP which is a lightweight NTPv3
>> client.
>>
> I suspect if you can't be reasonably sure about the integrity of your
> network traffic you have other problems anyway... one can run ntpd -s to
> get a similar function to ntpdate/sntp.
>
> But again, for 99% of installs as a client, auth and/or ntpv4 doesn't
> matter and much like sendmail/dma, one can always install ntp.org from
> ports if they require authentication (I've never seen it used).

The other point I should make here is that if you care that much about 
time security you shouldn't be contacting ntp servers over 3rd party 
networks anyway, at least not without some IP-level 
encryption/authentication, or use a source that can't easily be used as 
an attack surface, such as GPS/MSF etc.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?530B2DEE.3030808>