Skip to main content

Network Time Security for the Network Time Protocol

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: The IESG <>,,,,, Karen O'Donoghue <>,,
Subject: Protocol Action: 'Network Time Security for the Network Time Protocol' to Proposed Standard (draft-ietf-ntp-using-nts-for-ntp-28.txt)

The IESG has approved the following document:
- 'Network Time Security for the Network Time Protocol'
  (draft-ietf-ntp-using-nts-for-ntp-28.txt) as Proposed Standard

This document is the product of the Network Time Protocol Working Group.

The IESG contact persons are √Čric Vyncke and Suresh Krishnan.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

This memo specifies Network Time Security (NTS), a mechanism for    using Transport Layer Security (TLS) and Authenticated Encryption with Associated Data (AEAD) to provide cryptographic security for the client-server mode of the Network Time Protocol (NTP).

NTS is structured as a suite of two loosely coupled sub-protocols. The first (NTS-KE) handles initial authentication and key establishment over TLS.  The second handles encryption and authentication during NTP time synchronization via extension fields in the NTP packets, and holds all required state only on the client via opaque cookies.

Working Group Summary

The document has clear working group consensus for publication, and has been reviewed by several WG participants since its initial adoption as a working group item. 

Document Quality

This document has been reviewed and revised several times during its development. There were no specific external expert reviews conducted; however, security area review was specifically solicited. 

Karen O'Donoghue is the Document Shepherd.  Suresh Krishnan is the Responsible Area Director. 

RFC Editor Note