mirror of
https://gitlab.com/chrony/chrony.git
synced 2025-12-04 08:35:06 -05:00
be8215e181
In basic client mode, set the origin and receive timestamp to zero. This reduces the amount of information useful for fingerprinting and improves privacy as the origin timestamp allows a passive observer to track individual NTP clients as they move across networks. (With chrony clients that assumes the timestamp wasn't reset by the chronyc offline and online commands.) This follows recommendations from the current version of IETF draft on NTP data minimization [1]. The timestamp could be theoretically useful for enhanced rate limiting which can limit individual clients behind NAT and better deal with DoS attacks, but no server implementation is known to do that. [1] https://tools.ietf.org/html/draft-ietf-ntp-data-minimization-01
84 KiB
84 KiB