Skip to main content

Network Time Security for the Unicast Mode of the Precision Time Protocol

Document Type Expired Internet-Draft (ntp WG)
Expired & archived
Authors Heiko Gerstung , Marius Rohde , Douglas Arnold
Last updated 2021-12-06 (Latest revision 2021-06-04)
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Candidate for WG Adoption
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This memo specifies the application of Network Time Security, a mechanism for using Transport Layer Security (TLS) and Authenticated Encryption with Associated Data (AEAD) to provide cryptographic security for the unicast mode of the Precision Time Protocol. It is based on the 'Network Time Security for the Network Time Protocol' document RFC8915 and re-uses most of its mechanisms for providing a secure and robust key exchange solution for unicast PTP. Due to the different modes of operation, additional steps are required to secure unicast PTP communication between the PTP clients and unicast PTP servers. In addition to defining the new record types and other required values to allow the utilization of the NTS key exchange sub protocol, there are a number of additional protocol enhancements and server-side requirements which are defined in this memo.


Heiko Gerstung
Marius Rohde
Douglas Arnold

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)