Bug#1028149: bookworm: ntp has been replaced by ntpsec

[Miroslav Lichvar <mlichvar0@gmail.com>]

On Sat, Apr 15, 2023 at 04:31:45PM +0100, Richard Lewis wrote:
> Isnt that effectively what debian has done by setting systemd-timesync
> to "standard" priority?
> 
> if that's a bad decision, you should make the case to debian to change
> it i would think?
> (standard = installed by default, per debian policy)

Isn't it too late to fix this in bookworm?

I can provide data showing problems that some pool.ntp.org servers had
in the past, but as the upstream maintainer of chrony I'm probably not
the best person to be proposing changes in the priority of NTP
packages in Debian.

Another option would be to change the default servers of timesyncd,
e.g. to time.cloudflare.com, which is very reliable and has a great
coverage around the world from what I have seen so far. I suspect
people would not find it acceptable to rely on a commercial providers.

> if no-one else does,  i can draft some text that says
> - ntp is dropped (do we know why?).

I think the main reason is very slow upstream development with a large
number of known unfixed security issues.

> ntpsec is a direct replacement,
> but there is also chrony

openntpd is another NTP client that I think should be recommended.
(Not as a server though.)