monogon-dev / monogon

The Monogon Monorepo. May contain traces of peanuts and a ✨pure Go Linux userland✨. Work in progress!
https://monogon.tech
Apache License 2.0

Secure Time #73

Open lorenz opened 3 years ago

lorenz commented 3 years ago

So currently for secure time there are essentially two options:

NTS (Network Time Security) | RFC 8915

See also https://weberblog.net/network-time-security-strengths-weaknesses/, which has some more details.

Roughtime | draft-ietf-ntp-roughtime-05

leoluk commented 3 years ago

Good summary - it seems like Roughtime is the right choice?

q3k commented 3 years ago

After a quick discussion, we've decided to not make a decision on this for now - i.e., we're deferring this past MVP, and then we hope that there is a clear winner between the two approaches (for example, because Roughtime becomes more standardized, or because an alternative NTP implementation in a memory-safe language exists and we're more comfortable with letting it handle crypto protocols).

fionera commented 10 months ago

There is also https://github.com/pendulum-project/ntpd-rs now, which implements NTS and is written in Rust.