#1226 closed defect (no response)
Replace NTP with in-network time synch
| Reported by: | dg | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | 0.9.21 |
| Component: | router/general | Version: | 0.9.11 |
| Keywords: | Cc: | ||
| Parent Tickets: | Sensitive: | no |
Description
NTP is insecure, vulnerable to MITM, could be used for fingerprinting users and runs over the clearnet. This is not acceptable in some situations. Some have created alternatives (see tlsdate) that can be torified/anonymized.
Could we have an in-network, anonymous NTP/time synch solution? Would it work with the latency?
Ref.
http://i2p-projekt.i2p/en/meetings/71
https://github.com/ioerror/tlsdate
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23687166
https://trac.torproject.org/projects/tor/ticket/8170
Subtickets
Change History (4)
comment:1 Changed 5 years ago by
| Component: | unspecified → router/general |
|---|
comment:2 Changed 4 years ago by
| Milestone: | 0.9.15 → 0.9.21 |
|---|---|
| Status: | new → infoneeded_new |
comment:3 Changed 4 years ago by
| Resolution: | → no response |
|---|---|
| Status: | infoneeded_new → closed |
Closing for now. After reconsideration, I don't think this is important.
comment:4 Changed 4 years ago by
Non NTP time synchronization should be needed if NTP server hostnames does not resolve. Lot of issues appeared when my network DNS server gone down. This issue should not be forgotten if for some reasons DNS server lookup should be avoided completely.
We do use in-net timestamps for time syncing (and also from the HTTP headers while reseeding). But we still use NTP also.
I'm worried that if we disabled NTP for all, the whole net could drift off or become unstable.
I don't think the risks of NTP are significant. tlsdate is only marginally better? And less robust?
Please supply more justification for your proposal.