[systemd-devel] Time synchronization over HTTP?

[Lennart Poettering]

On Mon, 27.06.16 10:34, Kai Hendry (hendry at webconverger.com) wrote:

> Hi there,
> 
> I had a quick look at
> https://github.com/systemd/systemd/tree/master/src/timesync to try work
> out if /usr/lib/systemd/systemd-timesyncd had some sort of fallback if
> ntp UDP port 123 traffic is blocked.
> 
> This happens all too often with my deployments of Webconverger and I was
> wondering if asking for HTTP based time synchronization was a sane thing
> to ask for from systemd.
> 
> An example implementation can be found here:
> https://github.com/ccrisan/motioneyeos/blob/master/board/common/overlay/etc/init.d/S50date#L31

I figure having something like this makes some sense. There was a plan
to add something like an http-based ping scheme to networkd, so that
networkd can do captive portal detection natively, and at the same
time acquire some useful data from the ping server, for example a
suggested default timezone/language/location and so on, via some http
request or so. NetworkManager, Firefox, and so on all implement that
on their own these days, to limit degrees, and even ConnMan has been
doing this for quite some time. It's a bit of a privacy issue, as when
this is enabled there's an instant ping to some central server
attempted, but I still think for many setups having this makes a ton
of sense.

I figure using this as also as crappy fallback if NTP doesn't work and
hasn't worked in a while definitely makes sense.

I am not convinced however to reuse some HTTP server for this that
isn't actually explicitly set up for this scheme, and thus is known to
provide correct times. For example, making clients sync their clocks
to www.google.com appears a questionnable idea to me.

So yeah, I like the idea, but doing this properly is not trivial I
figure, in particular if we want to take the privacy issue into
account and provide a at least a bit of anonymity for clients.

Lennart

-- 
Lennart Poettering, Red Hat