[ntp:questions] ntp-b.boulder.nist.gov not synchronized

Doug Calvert dfc-list at douglasfcalvert.net
Fri Jun 14 19:21:41 UTC 2013


On Fri, Jun 14, 2013 at 8:31 AM, Jason <bmwjason at bmwlt.com> wrote:
> Doug,
>
> Thanks for the response.
>
> We are using the other authenticated server. With only one available, our
> redundancy is gone. If NIST could say, for example, that the broken server
> would be fixed come Monday, I'd chill. However, people I've been able to
> contact are saying the only person that knows anything about / can do
> anything with the broken server is out until July.
>
> I'll look into dnssec for one (or more) of the non-authenticated servers.
>
> Thanks for that idea.
>
> Jason.
Everything that is under the .gov domain is going to have dnssec:

* time-nw.nist.gov
* wwv.nist.gov
* time.nist.gov
* time-d.nist.gov
* time-c.nist.gov
* time-b.nist.gov
* time-a.nist.gov
* time-c.timefreq.bldrdoc.gov
* time-b.timefreq.bldrdoc.gov
* time-a.timefreq.bldrdoc.gov

Is this for OATS? Remember:

"Q: Shouldn't we  just synchronize to the  NIST atomic clock because  we can’t
ensure  that our  time provider  is actually  in synchronization  with the  NIST
standard?

A: Not necessarily. You can synchronize your clocks with any time provider. Most
time providers provide information about the difference between their clocks and
the NIST clocks. Use  this information to determine if your  business clocks are
actually in synchronization. If your chosen  time provider does not consistently
provide this information, or you have  reason to believe that the information is
inaccurate, contact  the time provider and  FINRA and, if the  problem cannot be
rectified, choose another time provider. Your firm is ultimately responsible for
its compliance with the OATS Rules. (Last updated 5/7/12)"[1]

So you can use GPS or navy.mil (also dnssec) in a pinch.

I  realize  that  the  easy  solution is  the  authenticated  ntp  service  from
nist. However for some  future redundancy you can sign up  for the authenticated
time service from  NRC.ca. There is a yearly fee but  you get authenticated time
and then you can use Circular T[2] from obspm to demonstrate that NRC and NIST
agree to a certain number of nanoseconds.

[1] http://www.finra.org/Industry/Compliance/MarketTransparency/OATS/FAQ/P085544

[2] ftp://ftp2.bipm.org/pub/tai/publication/cirt.305


More information about the questions mailing list