Date:      Mon, 22 Dec 2014 19:12:36 +0000
From:      "Poul-Henning Kamp" <phk@phk.freebsd.dk>
To:        Mark Felder <feld@FreeBSD.org>
Cc:        freebsd-security@freebsd.org
Subject:   Re: ntpd vulnerabilities
Message-ID:  <22925.1419275556@critter.freebsd.dk>
In-Reply-To: <1419274938.916478.205831685.0E7433EA@webmail.messagingengine.com>
References:  <252350272.1812596.1419241828431.JavaMail.zimbra@cleverbridge.com> <B6AF154A-FE22-4357-9031-91D661FD7E57@localhost.lu> <F7FACD2F-3AFE-4717-B4B9-B54A6FC70458@localhost.lu> <201412221745.KAA28186@mail.lariat.net> <1419274938.916478.205831685.0E7433EA@webmail.messagingengine.com>

--------
In message <1419274938.916478.205831685.0E7433EA@webmail.messagingengine.com>,
Mark Felder writes:
>On Mon, Dec 22, 2014, at 11:39, Brett Glass wrote:
>> I'd like to propose that FreeBSD move to OpenNTPD, which appears to
>> have none of the
>> fixed or unfixed (!) vulnerabilities that are present in ntpd.
>> There's already a port.
>
>Historically OpenNTPD has been dismissed as a candidate because of its
>reduced accuracy and missing security features. For example, it doesn't
>implement the NTPv4 functionality or authentication.

The entire question of authenticated time-protocols is very, very
hairy.

The currently available protocols leave a lot to be desired, both
in terms of timekeeping, cryptography or (DoS) attack resistance.

Most people who need authenticated time run their own stratum-1
server, typically with a GPS receiver, sometimes more elaborate
than that.

My main objection to OpenNTPD is not the lack of crypto, but
that its timekeeping isn't good enough, and that it is an
evolutionary dead end.

As you may have noticed I released a first preview of Ntimed
yesterday.   My goals for the ntimed-client program can almost be
summarized as  "Replacement for NTPD in FreeBSD's base system".

I don't think it makes sense to take the discussion if we should
import Ntimed into FreeBSD's source tree, until I have the first
production release ready.  There are good arguments both ways so
details will matter.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.


