on the NTP security issues and fixes

Gary E. Miller gem at rellim.com
Fri May 6 19:45:05 UTC 2016


Yo Daniel!

On Fri, 6 May 2016 15:34:29 -0400
Daniel Franke <dfoxfranke at gmail.com> wrote:

> On 5/6/16, Gary E. Miller <gem at rellim.com> wrote:
> >> Do we have to live with long convergence times?  Do you have any
> >> theory about what causes this and how it can be fixed?  
> >
> > I have not gone deep into the PLL, grouping, and selection layers.
> > Daniel Franke's talk at Penguicon leads me to believe he is
> > starting to see these issues.  
> 
> Depends what you mean by "see".

Well, two steps below grok.  No longer blind to the issues.

> In the literal, empirical sense, no, I
> haven't observed ntpd performance closely enough to possibly notice
> this. But I think I understand from first principles why it happens,
> and I'm researching Bayesian approaches to clock synchronization that
> I think will improve both speed-of-convergence and asymptotic
> precision.

Great!  Also reseaerch chronyd. ntpd and chronyd start with very
different assumptions and use cases, which lead to different solutions.

When you are ready, we'll bike-shed it for you.  :-)

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160506/fae6d5b7/attachment.bin>


More information about the devel mailing list