Open lorenz opened 3 years ago
Good summary - it seems like Roughtime is the right choice?
After a quick discussion, we've decided to not make a decision on this for now - i.e., we're deferring this past MVP, and then we hope that there is a clear winner between the two approaches (for example, because Roughtime becomes more standardized, or because an alternative NTP implementation in a memory-safe language exists and we're more comfortable with letting it handle crypto protocols).
There is also https://github.com/pendulum-project/ntpd-rs now, which implements NTS and is written in Rust.
So currently for secure time there are essentially two options:
NTS (Network Time Security) | RFC 8915
See also https://weberblog.net/network-time-security-strengths-weaknesses/, which has some more details.
Roughtime | draft-ietf-ntp-roughtime-05