Network Time Protocols G. McCollum Internet-Draft Cisco Systems Intended status: Informational 28 July 2025 Expires: 29 January 2026 Time Synchronization over QUIC draft-mccollum-tsq-00 Abstract This document proposes a modern, secure, and extensible time synchronization protocol designed to operate over the QUIC transport protocol. Known as TSQ (Time Synchronization over QUIC), this protocol aims to address the limitations of traditional NTP by leveraging QUIC's encryption, widespread UDP/443 acceptance, and multiplexed stream capabilities. TSQ is designed for contemporary deployment environments, including enterprise networks, cloud-native systems, containers, and mobile devices, where traditional UDP-based NTP struggles with security, scalability, or operational reliability. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 29 January 2026. Copyright Notice Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components McCollum Expires 29 January 2026 [Page 1] Internet-Draft TSQ July 2025 extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Scope and Goals . . . . . . . . . . . . . . . . . . . . . . . 2 3. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 3 4. Security and Threat Model . . . . . . . . . . . . . . . . . . 3 5. Scalability Considerations . . . . . . . . . . . . . . . . . 3 6. Message Format (TLV) . . . . . . . . . . . . . . . . . . . . 3 7. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 4 8. Comparison to Existing Protocols . . . . . . . . . . . . . . 4 9. Next Steps . . . . . . . . . . . . . . . . . . . . . . . . . 4 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 5 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 Appendix A. IANA Considerations . . . . . . . . . . . . . . . . 5 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction Time synchronization is foundational to modern computing. It underpins authentication systems, log correlation, distributed transactions, and more. NTP, the current standard, was designed in a different era and brings challenges related to security, deployment compatibility, and extensibility. TSQ is proposed as a new protocol built directly on top of QUIC, leveraging its modern transport features to provide secure, authenticated, and operationally-friendly time synchronization. 2. Scope and Goals TSQ is intended to: * Provide secure and authenticated time synchronization * Support modern deployment scenarios * Operate in environments where UDP/123 is blocked * Be extensible and future-proof * Scale for enterprise and cloud TSQ is _not_ intended to: * Replace NTP in ultra-precise or constrained devices McCollum Expires 29 January 2026 [Page 2] Internet-Draft TSQ July 2025 * Replace public NTP infrastructure without optimization 3. Protocol Overview TSQ uses QUIC as its transport, establishing secure, short-lived connections. A typical exchange: 1. Client opens a QUIC connection to the TSQ server (UDP/443). 2. Client sends a TSQ Request with nonce and timestamp request. 3. Server replies with timestamps, echoed nonce, and metadata. 4. Client calculates RTT and adjusts clock accordingly. 4. Security and Threat Model TSQ relies on QUIC’s handshake for mutual authentication, confidentiality, and replay protection. Optional Ed25519 or HMAC signatures can be added if auditability is required. By default, QUIC session integrity suffices. 5. Scalability Considerations Short-lived connections, session resumption, and optional stateless design support scalability. TSQ is suitable for enterprise and cloud deployments. 6. Message Format (TLV) *TSQ Request* * Type: 0x01 * Nonce (16 bytes) * Optional extensions *TSQ Response* * Type: 0x02 * Echoed Nonce * Server Time * Receive Timestamp McCollum Expires 29 January 2026 [Page 3] Internet-Draft TSQ July 2025 * Send Timestamp * Optional metadata and signature 7. Use Cases * Cloud/container infrastructure * Mobile clients * Firewalled enterprise networks * High-precision timing visibility 8. Comparison to Existing Protocols The following table highlights key differences between traditional NTP, NTS, and the proposed TSQ protocol: +================+=====+=========+================+ | Feature | NTP | NTS | TSQ | +================+=====+=========+================+ | Transport | UDP | UDP+TLS | QUIC (UDP/443) | +----------------+-----+---------+----------------+ | Encryption | No | Yes | Always | +----------------+-----+---------+----------------+ | Extensibility | Low | Medium | High | +----------------+-----+---------+----------------+ | Mobile Support | No | No | Yes | +----------------+-----+---------+----------------+ | Precision Mode | No | No | Yes | +----------------+-----+---------+----------------+ Table 1 9. Next Steps * Solicit feedback on sync behavior and design * Improve trust and crypto model * Implement prototype in QUIC * Submit official Internet-Draft if interest grows McCollum Expires 29 January 2026 [Page 4] Internet-Draft TSQ July 2025 10. Acknowledgments Thanks to contributors from the QUIC and NTP working groups for input on timing accuracy and protocol design. 11. References [RFC8915] Franke, D., Sibold, D., Teichel, K., Dansarie, M., and R. Sundblad, "Network Time Security for the Network Time Protocol", RFC 8915, . [RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in Packet Switched Networks", RFC 7384, . [RFC9000] Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed and Secure Transport", RFC 9000, . [RFC9221] Pauly, T., Kinnear, E., and D. Schinazi, "An Unreliable Datagram Extension to QUIC", RFC 9221, . [RFC9308] Kühlewind, M. and B. Trammell, "Applicability of the QUIC Transport Protocol", RFC 9308, . Appendix A. IANA Considerations This document has no IANA actions. Author's Address Garrett McCollum Cisco Systems Email: gmccollu@cisco.com McCollum Expires 29 January 2026 [Page 5]