Overview#Time synchronization is the process that attempts to ensure all systems within a Domain have the same Time
Time synchronization is essential to Internet security as many security protocols and other applications require Time synchronization MCBG (RFC 7384). Unfortunately widely deployed protocols such as the Network Time Protocol (NTP) (RFC 5905) lack essential Security Considerations, and even newer protocols like Network Time Security (NTS) I-D.ietf-ntp-using-nts-for-ntp fail to ensure that the servers behave correctly. Authenticated time servers prevents network adversaries from modifying time packets. An authenticated time server still has full control over the contents of time packet and may go rogue.
- Y* For security issues with Symmetric Key based NTP-MD5 authentication, please refer to Message Authentication Code for the Network Time Protocol draft
- Y** For security issues with NTP-Autokey Public Key Authentication, refer to NTP-Autokey