nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NTP Sync Issue Across Tata (Europe)

From: Dorn Hetzel via NANOG <nanog () nanog org>
Date: Mon, 7 Aug 2023 06:23:30 -0400
Diversity from GPS might also be obtained by setting one receiver for GPS
and another for Galileo.  I think I'd skip GLONASS for now :)


On Mon, Aug 7, 2023, 06:09 Rubens Kuhl <rubensk () gmail com> wrote:


The paper suggests the compromise of critical infrastructure. So,

besides not using NTP, why not stop using DNS ? Just populate a hosts file
with all you need.


Well DNS can be cryptographically secured.  There really isn’t any good

reasons to not sign your zones today.  The majority of responses from
authoritative servers are validated today so if you sign the responses will
be checked.  Unfortunately most to those validations still result in
insecure instead of secure because people are not signing their zones.

So does NTP, with NTS.

https://datatracker.ietf.org/doc/html/rfc8915


Rubens
Previous By Date Next
Previous By Thread Next

Current thread: