Re: git: b1c95af45488 - main - rc.conf: correct $ntp_leapfile_sources

Reply: Warner Losh : "Re: git: b1c95af45488 - main - rc.conf: correct $ntp_leapfile_sources"
Reply: Xin Li : "Re: git: b1c95af45488 - main - rc.conf: correct $ntp_leapfile_sources"
In reply to: Warner Losh : "Re: git: b1c95af45488 - main - rc.conf: correct $ntp_leapfile_sources"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Steffen Nurpmeso <steffen_at_sdaoden.eu>
Date: Fri, 08 Dec 2023 01:07:31 UTC
Warner Losh wrote in
 <CANCZdfpHWRECi=DyhxJAW4MkA-CyPLK=OSdSwBdKQJ57MyPwNA@mail.gmail.com>:
 |On Thu, Dec 7, 2023 at 3:27 PM Steffen Nurpmeso <steffen@sdaoden.eu> wrote:
 |> Xin Li wrote in
 |>  <d75b041f-05f8-44c1-8de6-1fef89b7e537@delphij.net>:
 |>|On 2023-12-06 22:34, Philip Paeps wrote:
 |>|> On 2023-12-07 14:26:05 (+0800), Warner Losh wrote:
 |>|>> We should point to bipm
 |>|>> https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list since
 |> they
 |>|>> are
 |>|>> the source of truth, no?
 |>|>
 |>|> I went for the IANA copy because data.iana.org is a much shorter and
 |>|> trustworthy looking URL.  And it's also where other operating systems
 |>|> get their copies.
 |>|
 |>|My understanding is that IANA's copy is part of tzdata and it's only
 |>|updated when a new set of zone data is released, so it's sometimes
 |>|outdated.  It is actually going to be outdated really soon by the way.
 |>
 |> But nothing will change.
 |> It is only about the included end-of-life tag why there is
 |> discussion at all.
 |> The IANA TZ data is always updated as necessary, "early enough".
 |
 |Yes. TZ data updates multiple times a year. The lead time on NIST/BIPM
 |updating the file usually is within days or weeks after the new leap is
 |announced.
 |But ntpd can't possibly use it for about 5 months. TZ updates are plenty
 |fast.
 |
 |The bigger problem is that we have to do a EN to get a new set of zone
 |files. If we had a way to fetch them, we could just copy this file from the
 |updated
 |zone files.

I never spoke against fetching the plain file (who is my role in
this project in the end?), i only spoke against using the server
of the french institute directly.
Ie one could poll this once a day or so, and upload it somewhere
else.  Or ping the github URL of the raw IANA TZ file, which is
placed in Eggert's repo quite fast, even without release.
(Just in case the FreeBSD project want to lock out all the
countries that github blocks, i think Iran, North Korea, Cuba
even, who knows which otherwise, i will not look up that political
war thing.)

 |> Also the beasts are about to get rid of leap seconds until 2035
 ...
 |> earlier).  Bets can be placed whether it will happen before
 |> a possible occurring leap second, or not.  (My bet is that they
 |> run everything against the wall, and then run away yelling about
 |> the evil leap second, after having missed to create an appropriate
 ...
 |Yea, we're years away from the next leap second. And there's still
 |a good chance we'll have at least one more. And there's also rumblings
 |that leaps will stop before 2035 (that's the current absolute last date,
 |and there's several folks that want to pull that in). What will happen
 |for sure isn't well known...
 |
 |ntpv5 discussions have, at times, assumed there will be no more leap
 |seconds and so ntpv5 needn't have anything to accommodate them.

I have not looked into current WG outcome (there was just recently
some IETF post regarding NTP, i have not looked).
I would only wish they distribute TAI and the offset to UTC, but
i think, i would hope, they will doing the opposite regulary.
I have no time, and i am not the right person to do anything about
NTP, let alone in the IETF.  All i could ever say i did say, and
that was that it was always wrong to go for "civil time" aka UTC,
at least without a permanent indication to a constant reliable
time scale.  And a longer possibility to detect leaps, as i knew
secretaries who turn off their computer at Friday afternoon, not
to turn it on again until Monday morning.  And my impression in
the past, before i came a little bit involved in international
email etc communication, was that the engineers simply could not
imagine such a situation.  Or, *at best*, decided that then
silence is the best communication on such a switch.

 |>|The IERS one is more up-to-date because they publish the bulletin.
 |>
 |> In general i think distribution of load is a good thing, and
 |> i find it very unfriendly to put all the load onto some jealous
 |> institute (if it is one) and its single server.
 |> The FreeBSD project has an established set of mirrors, and, the
 ...
 |We can skew the load in time by spreading all our users out over
 |the few months we have if there's a load issue.

I have recognized even the nice name of this mechanism in the
FreeBSD rc system, Warner Losh.

 |> Btw PHK had a thrilling idea of DNS distributing leap ticks some
 |> years ago, and he even started to host it.  As it unfortunately
 |> did not fly i did not track it further.
 |> Would also be an idea for the FreeBSD project: simply download the
 |> file ones, then place a DNS record that FreeBSD installations then
 |> can query.  DNSSEC is in place i think.
 |
 |Yea, that's not a thing that's happening. It was an interesting idea,
 |but hasn't been standardized and there's little to apetite to distribute
 |this way.

Unfortunately.  And then there is the fully blown tzdist protocol
that the IETF hammered through with XML and what not formats,
unfortunately not CBOR ("later"), this is what Meinberg says on
the state of that:

  https://kb.meinbergglobal.com/kb/time_sync/tzdist

 |>|The bundled version was from NIST ftp, but fetching from ftp for every
 |>|FreeBSD system out there was too scary for me.
 |>|
 |>|There may be some security / privacy concerns if we direct users to a
 |>|place that we do not have control, by the way.
 |>
 |> Interesting aspect!
 |
 |There might be, but this sounds somewhat speculative. What's the anticip\
 |ated
 |concerns?

Maybe Xin Li has stumbled over the same thread as i after that
publicsuffix CVE of cURL (first sentence of the quoted message):

  https://lists.gnu.org/archive/html/bug-wget/2014-03/msg00113.html

What i mean is, the FreeBSD project and its pkg database, isn't
this a natural place for such a thing?  With guaranteed /
controlled availability.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
|
| Only in December: lightful Dubai COP28 Narendra Modi quote:
|  A small part of humanity has ruthlessly exploited nature.
|  But the entire humanity is bearing the cost of it,
|  especially the inhabitants of the Global South.
|  The selfishness of a few will lead the world into darkness,
|  not just for themselves but for the entire world.