Need trusted NTP Sources

jamie rishaw j at
Thu Feb 6 14:28:47 UTC 2014

PCI DSS only requires that all clocks be synchronized; It doesn't
/require/ "how".

If you have servers getting time from external sources (authenticated
always a plus) and peering with each other internally, then you comply
with PCI DSS 2.0 (3.0 has no changes to this that I'm aware of).

OTOH, I'm surprised nobody has mentioned


On Thu, Feb 6, 2014 at 6:53 AM, Notify Me < at> wrote:
> Raspberries! Not common currency here either, but let's see!
> grateful for all the input and responses, this list is amazing as usual.
> On Thu, Feb 6, 2014 at 1:41 PM, Aled Morris <aledm at> wrote:
>> On 6 February 2014 12:30, Martin Hotze <m.hotze at> wrote:
>>> > I'm trying to help a company I work for to pass an audit, and we've
>>> > been told we need trusted NTP sources (RedHat doesn't cut it). Being
>>> > located in Nigeria, Africa,
>>  [...]
>>> So build your own stratum 1 server (maybe a second one with DCF77 or
>>> whatever you can use for redundancy),
>> I don't think DCF77 is going to reach Nigeria.
>> Aled

jamie rishaw // at j <- reverse it. ish.

"Reality defeats prejudice." - Rep. Barney Frank

More information about the NANOG mailing list