The Story
Keeping track of time is critical for servers and clients on the Internet. NTP is how the Internet keeps track of time. Since NTP implementations are so critical and they're on the network, it's important that they be secure.
The most popular NTP implementations today are written in C and are not memory safe. We're aiming to fix that.
What We've Done
During 2022 Prossimo contracted Tweede golf to implement NTP in Rust. The new implementation was named ntpd-rs.
Work on the client, server, and NTS support is complete and ready for production deployment.
A third party security audit performed by Radically Open Security was completed.
In April of 2023 Tweede golf's associated Trifecta Tech Foundation became the new home for ntpd-rs. We thank them for all of their great work!
Today ntpd-rs is a mature implementation and we encourage anyone interested to try it out. It's currently deployed in a number of places, including at the Let's Encrypt certificate authority.
What's Next
Prossimo's work here is complete.
Packages
Links
More from the Prossimo blog
More Memory Safety for Let’s Encrypt: Deploying ntpd-rs
NTP is critical to how TLS works, and now it’s memory safe at Let’s Encrypt.
Providing official Fedora Linux RPM packages for ntpd-rs and sudo-rs
Memory safe NTP and sudo are now in Fedora Linux.
Memory Safe Network Time (NTP) Has New Home, Seeks Early Adopters
Bringing more safety to a critical network-based service.
A Memory Safe Implementation of the Network Time Protocol
NTP is critical to the Internet’s functioning and we’ve collaborated with Tweede golf to build a high-performance, memory safe implementation.
Funders
