All posts by NTPsec Project Blog

Remembering Doctor Mills

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2024/01/21/remembering-mills.html

Remembering Dr Dave Mills

We were sad to learn that the creator of the NTP protocol, Dr David
L. Mills PhD has passed away.

Dr Mills designed the NTP distributed algorithm, while also writing
and maintaining the reference implementation on the very first
experimental inter-networking packet switches that were the creation
of the internet.

In that work he was supported by the other founders of the internet,
and by skilled developers and maintainers who assisted him, and by a
growing collection of skilled developers and maintainers who continued
maintaining the work that he started. The maintainers of the NTPsec
project count ourselves lucky to be among the people who followed in
his work.

The more we discovered reading the sources of his NTP implementation,
the more we became aware of his insight, technical ability, and his
hope and his dream that this little “inter-network experiment” could
grow to be literally world spanning. He was right, and we all owe him
much.

Thank you, Dr. Mills. The clocks of the world tick together in time
in large part due to you.

Version 1.2.3

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2023/12/31/version-1.2.3.html

The NTPsec Project is pleased to announce the tagging of version 1.2.3

  • Change mode6 alignment to four, which may
    break some compatibility with classic NTP.

  • Seccomp should now also yield invalid syscall names when dying.

  • Make ntpq stop dropping output timestamp leading zeroes.

  • Update documents in quite a few places.

  • Reset some stats hourly, even when not logged into files.

  • Add error logging, and stats for ms-sntp.

  • Add spacing between multiple peer views in ntpq.

  • We think we have fixed ms-sntp but we can’t test it.
    If you can test it, please let us know if it does/doesn’t work.

  • ntpd and ntpq both treat SHA-1 as an alias for SHA1.
    NIST uses SHA-1. The crypto package from OpenSSL uses SHA1.

  • The default crypto type for ntpq is now AES.
    RFC 8573 deprecated MD5.

  • There are now log files with hourly statistics for NTS and
    NTS-KE traffic: filegen ntsstats and filegen ntskestats.

  • Update ntpsnmpd to use python built-in to get uname information. NTPsec/ntpsec#791

  • Update license file names for REUSE compliance.

  • Fix ntploggps issue where count_used_satellites was checked before it was initialized.

  • Print out OpenSSL version at configure time.

  • Enable debug symbols by default, with only an option to disable.

  • Add support for ecdhcurves list.

  • Fix build on platforms where -fstack-protector relies on libssp, like musl.

  • Fix ntpdig crash when using 2.ntp.pool.org with a host without IPv6 support.

  • Do not install libaes_siv test anymore.

  • Add update option to buildprep.

  • ntpdig shows packet delay in JSON output.

For other changes since the previous release, please consult
the project NEWS.adoc file
at https://gitlab.com/NTPsec/ntpsec/-/blob/master/NEWS.adoc

Getting this release

You can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from https://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id
E57235D22764129FA4F2F4D17F52608ED0E49D76

Version 1.2.2a

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2023/08/03/version-1.2.2a.html

The NTPsec Project is pleased to announce the tagging of version 1.2.2a

  • Fix a crash in ntpd if NTS is disabled and an NTS-enabled client request
    (mode 3) is received.
    (CVE-2023-4012)
    #794

For other changes since the previous release, please consult
the project NEWS.adoc file
at https://gitlab.com/NTPsec/ntpsec/-/blob/master/NEWS.adoc

Getting this release

You can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from https://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id
E57235D22764129FA4F2F4D17F52608ED0E49D76

Version 1.2.2

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2022/12/29/version-1.2.2.html

The NTPsec Project is pleased to announce the tagging of version 1.2.2

  • Restore/cleanup NTPv1 support

    • ntpq sysstats now shows NTPv1 traffic.

    • NTPv1 counter added to sysstats log file.

  • NTS supports partial wildcards, for example *.example.com

  • Work on documentation, ntpdate, ntpheat, ntploggps, ntpq’s sysstats, ntpviz,
    and seccomp.

  • NTP auth no longer breaks on NULs.

  • The NTS server now saves 10 days' worth of cookie keys. This will allow clients
    that only poll once a day to use NTS without using NTS-KE to keep cookies up to
    date.

  • rawstats now logs dropped packets and their BOGON code

    • Only one per request to avoid DoSing the log file

    • This lets you see packets that take too long.

  • Add 4 or 6 to DNS/NTS RefID tags to indicate that the
    DNS or NTS-KE has succeeded but NTP has not worked yet.

  • Build improvements

    • Respect --notests configure option for build

    • Add --enable-attic (default off)

    • Restore Python 2.6 support

    • Restore LibreSSL support

    • Add support for OpenSSL 3.0

  • Fix hash validation in ntpleapfetch again.

  • FreeBSD now gets nanosecond resolution on receive time stamps.

For other changes since the previous release, please consult
the project NEWS.adoc file
at https://gitlab.com/NTPsec/ntpsec/-/blob/master/NEWS.adoc

Getting this release

You can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from https://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id
E57235D22764129FA4F2F4D17F52608ED0E49D76

Version 1.2.1

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2021/06/07/version-1.2.1.html

The NTPsec Project is pleased to announce the tagging of version 1.2.1

Update ntpkeygen/keygone to properly filter # characters. (CVE-2021-22212)

Add dextral peers mode in ntpq and ntpmon.

Drop NTPv1 as the support was not RFC compliant, maybe v2 except mode 6 next.

Fix argument P for ntpd parsing fixed and ntpdate improvements.

Fix crash for raw ntpq readvar.

Add processor usage to NTS-KE logging except on NetBSD.

Remove --build-epoch and replace it with arbitrary --build-desc text.
Passing '--build-desc=$(date -u +%Y-%m-%dT%H:%M:%Sz)' restores the previous
default extended version.

The build epoch has been replaced with a hardcoded timestamp which will be
manually updated every nine years or so (approx 512w). This makes the
binaries reproducible by default.

Compare versions of ntp.ntpc and libntpc printing a warning if
mismatched. Fix libntpc install path if using it.

Reduce maxclocks default to 5 to reduce the NTP pool load.

Print LIBDIR during ./waf configure.

Add documentation, new GPG key, and other cleanups.

For other changes since the previous release, please consult
the project NEWS.adoc file
at https://gitlab.com/NTPsec/ntpsec/-/blob/master/NEWS.adoc

Getting this release

You can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from ftp://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id
E57235D22764129FA4F2F4D17F52608ED0E49D76

Version 1.2.0

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2020/10/06/version-1.2.0.html

The NTPsec Project is pleased to announce the tagging of version 1.2.0

The minor version bump is to indicate official support of
RFC8915 “Network Time Security for the Network Time Protocol” which
was released 2020-09-30.

For other changes since the previous release, please consult
the project NEWS.adoc file
at https://gitlab.com/NTPsec/ntpsec/-/blob/master/NEWS.adoc

Getting this release

You can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from ftp://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id
E57235D22764129FA4F2F4D17F52608ED0E49D76
which is a new key.
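
Because the signing key changes at this release, a download check should pin the full fingerprint for the version being verified. The sketch below is an added example, not NTPsec project code: it parses the machine-readable lines that `gpg --status-fd 1 --verify` emits and accepts a signature only when the primary-key fingerprint equals the pinned one. The status text is a constructed sample and the function names are hypothetical.

```python
import re

# Fingerprints published in the release posts on this page.
KEY_SINCE_1_2_0 = "E57235D22764129FA4F2F4D17F52608ED0E49D76"
KEY_UNTIL_1_1_9 = "B48237761A2690222C995F445A22E330161C3978"

# Constructed sample of `gpg --status-fd 1 --verify` output (not real output).
SAMPLE_STATUS = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 7F52608ED0E49D76 Constructed Signer <signer@example.invalid>
[GNUPG:] VALIDSIG E57235D22764129FA4F2F4D17F52608ED0E49D76 2023-12-31 1704000000 0 4 0 1 10 00 E57235D22764129FA4F2F4D17F52608ED0E49D76
"""

# Status keywords that mean the signature must not be trusted.
FAILURES = {"BADSIG", "ERRSIG", "EXPKEYSIG", "REVKEYSIG"}


def normalize(key_id):
    """Strip whitespace and an optional 0x prefix, and upper-case the hex."""
    key = re.sub(r"\s+", "", key_id).upper()
    return key[2:] if key.startswith("0X") else key


def long_key_id(fingerprint):
    """The 64-bit key id is the last 16 hex digits of a v4 fingerprint."""
    return normalize(fingerprint)[-16:]


def status_records(status_text):
    """Yield (keyword, args) for every machine-readable status line."""
    for line in status_text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "[GNUPG:]":
            yield parts[1], parts[2:]


def signed_by(status_text, pinned):
    """True only if a valid signature comes from the pinned primary key."""
    pinned = normalize(pinned)
    if not re.fullmatch(r"[0-9A-F]{40}", pinned):
        raise ValueError("pin the full 40-hex-digit fingerprint")
    valid = False
    for keyword, args in status_records(status_text):
        if keyword in FAILURES:
            return False
        if keyword == "VALIDSIG" and args:
            # The tenth field, when present, is the primary key fingerprint.
            primary = args[-1] if len(args) >= 10 else args[0]
            valid = valid or primary.upper() == pinned
    return valid
```

The key id `0x5A22E330161C3978` quoted in the 1.1.5 and 1.1.6 posts is the 16-digit tail of the `B482…` fingerprint given from 1.1.7 onward, which `long_key_id` reproduces.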

About today

On this day in 1783, Benjamin Hanks received a patent for a
self-winding clock he planned to install in the Old Dutch Church in
Kingston, New York, supposedly making it the first public clock in
what became the New York City metropolitan area.

Version 1.1.9

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2020/05/23/version-1.1.9.html

The NTPsec Project is pleased to announce the tagging of version 1.1.9

This should be the last point release of NTPsec before the Network
Time Security RFC is approved by the IETF. We expect to release 1.2.0
when that happens.

Analysis shows that CVE-2020-11868, affecting NTP Classic, cannot
affect us, as the peer mode involved has been removed.

For other changes since the previous release, please consult
the project NEWS.adoc file
at https://gitlab.com/NTPsec/ntpsec/-/blob/master/NEWS.adoc

Getting this release

You can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from ftp://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id
B48237761A2690222C995F445A22E330161C3978

About today

Today is Blursday, Maprilay 84th, 2020, of the COVID-19 panic.

On this day, in 1844, the first commercial telegraph line came online.

Copyright statements do not need the year

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2020/02/15/copyright-year.html

I need to preface this post with the statement that I am not a lawyer,
and that I am not speaking on behalf of my day job employer.

There is no need to include the year in a copyright declaration
statement.
And related, there is no need to update the year
statement, add new year statements, manage year range statements, or
any of that stuff. It is tedious, boring, adds no value, and prevents
no risks.

Several large legally sophisticated companies, including Amazon, Google,
Microsoft, and Facebook, are now publishing open source code with
copyright statements without a year.

And so, I have added the following to our devel/hacking document.

Do not specify a year in a copyright statement. Most of the existing
copyright statements already present in the project have been scrubbed
of the year. There is no need to specify the year in a copyright
statement. Several large legally sophisticated companies, including
Amazon, Google, Microsoft, and Facebook, are now publishing open
source code with copyright statements without a year. We encourage
the larger open source community to emulate this.

Being able to do this now has taken a surprisingly large amount of
work behind the scenes, especially on the part of those large
companies. Do please take advantage of it, and write simpler
copyright statements in your open source projects from now on.

Version 1.1.8

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2019/11/17/version-1.1.8.html

The NTPsec Project is pleased to announce the tagging of version 1.1.8

As always, the most accurate record of changes is in the
NEWS file, the git log, and the git history.

This version has fixes and tweaks to handling certs for NTS.

We have also removed the last #define _XOPEN_SOURCE, as well as
removing many other now unneeded #ifdefs, and cleaned up warnings
and build issues for several OS targets. See the git history for details.

Getting this release

You can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from ftp://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id
B48237761A2690222C995F445A22E330161C3978

Commento and Gitlab

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2019/09/04/commento-gitlab.html

Last December, I switched the comment processor for this blog from
Disqus to Commento, and discussed my reasons in
the blog post
Switch from Disqus to Commento.
Mainly it was because we didn’t like the adtech tracking and the injected
adverts.

We’ve been happy with it since the switch, it’s Just Worked.

My only complaint when we switched to it was the only social login it
supported was with Google. Well, that’s been fixed, and it has added
social login from some other big sites, including Gitlab. Just what
we wanted!

If you do find any problems with Commento, let them know. If you are
using Disqus on any of your own sites, consider
Commento instead.

Version 1.1.7

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2019/09/02/version-1.1.7.html

The NTPsec Project is pleased to announce the tagging of version 1.1.7

As always, the most accurate record of changes is in the
NEWS file, the git log, and the git history.

The numeric literal argument of the ‘time1’ fudge option on a clock
can now have one or more letter suffixes that compensate for era
rollover in a GPS device. Each “g” adds the number of seconds in a
1024-week (10-bit) GPS era. Each “G” adds the number of seconds in an
8192-week (13-bit) GPS era.
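
The arithmetic behind those suffixes, as an added Python example that is not NTPsec's own parser: it expands a literal into seconds and works out how many eras a rolled-over receiver is behind. The literal grammar (a decimal number followed directly by `g`/`G` letters), the function names and the sample timestamps are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

SECONDS_PER_WEEK = 7 * 24 * 60 * 60
# Era lengths as stated in the release note: 1024 weeks and 8192 weeks.
ERA_SECONDS = {"g": 1024 * SECONDS_PER_WEEK, "G": 8192 * SECONDS_PER_WEEK}

# Assumed grammar: optional sign, decimal number, then zero or more g/G.
_TIME1 = re.compile(r"([+-]?(?:\d+\.?\d*|\.\d+))([gG]*)")


def parse_time1(literal):
    """Return the total offset in seconds encoded by a time1 literal."""
    match = _TIME1.fullmatch(literal.strip())
    if match is None:
        raise ValueError(f"not a time1 literal: {literal!r}")
    number, suffixes = match.groups()
    return float(number) + sum(ERA_SECONDS[s] for s in suffixes)


def eras_behind(reported, actual, era="g"):
    """Count the whole eras by which a receiver's reported time lags."""
    gap = (actual - reported).total_seconds()
    count = round(gap / ERA_SECONDS[era])
    if count < 0:
        raise ValueError("reported time is ahead of the actual time")
    return count


def corrected(reported, literal):
    """Apply a time1 literal to a timestamp reported by the receiver."""
    return reported + timedelta(seconds=parse_time1(literal))


# Constructed scenario: a receiver whose 10-bit week counter wrapped once.
ACTUAL = datetime(2024, 1, 1, tzinfo=timezone.utc)
REPORTED = ACTUAL - timedelta(weeks=1024)

if __name__ == "__main__":
    n = eras_behind(REPORTED, ACTUAL)
    print("suffix needed:", "g" * n)
    print("corrected:", corrected(REPORTED, "0" + "g" * n).isoformat())
```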

The neoclock4x driver has been removed, due to the hardware and the
vendor having utterly vanished from the face of the earth.

The NTS ALPN negotiation sequence has been modified for improved
interoperability with other NTS implementations.

NTS key rotation now happens every 24 hours. It used to rotate
every hour to enable testing of recovery from stale cookies.

Getting this release

You can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from ftp://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id
B48237761A2690222C995F445A22E330161C3978

Version 1.1.6

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2019/07/10/version-1.1.6.html

The NTPsec Project is pleased to announce the tagging of version 1.1.6

We have been shipping weekly because of ongoing development of NTS.

As always, read the …​/NEWS file, and the git log and git history.

Getting this release

You can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from ftp://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id 0x5A22E330161C3978.

Version 1.1.5

Post Syndicated from NTPsec Project Blog original https://blog.ntpsec.org/2019/06/30/version-1.1.5.html

The NTPsec Project is pleased to announce the tagging of version 1.1.5

News

We do not normally ship a release only one week after the previous,
however it is HIGHLY RECOMMENDED that if you are using NTS you
upgrade to this version.

We have added ALPN to be consistent with the NTS draft. And we have
discovered and fixed a buffer overrun in a debug compile of the ALPN
implementation. If you are running NTPsec 1.1.4 with NTS turned on
and with the compile time debug flags turned on, it is possible
for an attacker to send a packet that will crash your server.

As always, read the …​/NEWS file, and the git log and git history.

Today

On this day in 1972 the first leap second was added to the UTC time system.

Getting this release

As always,
you can clone the git repo
from https://gitlab.com/NTPsec/ntpsec.git
and you can download the release tarballs with sums and signatures
from ftp://ftp.ntpsec.org/pub/releases/

This release is signed with the GPG key id 0x5A22E330161C3978.