On Tue, Sep 01, 2015 at 10:42:00AM -0400, Simo Sorce wrote:
On Tue, 2015-09-01 at 11:26 +0200, Miroslav Lichvar wrote: Just FYI, the reason we chose ntpd and stuck top it is that we eventually want to support MS-SNTP signing (for compatibility with windows clients/samba). We haven't done that yet because when we did work on the component it was still an external patch (IIRC) even for ntpd, but signing time is something we'd really want to do.
If you need the MS-SNTP support, I can work on that. From what I saw it shouldn't be very difficult to implement.
Note that having an implementation of Network Time Security to which we can feed certificates (for the server) would also be a very good thing, sadly none of the clients/servers support it yet apparently.
The NTS specification is still a work in progress.