by TacticalCoder 103 days ago
> When a client asks for the time, it sends a random nonce. The server replies with a signed certificate containing both the nonce and a timestamp, proving the response happened after the request.

Oh that's cool. Apparently one of the protocol's goals is to catch lying parties and to prove they were lying about the (rough) time.

1 comments

What's the use case? I'm guessing it doesn't actually have anything to do with getting the time?

Roughtime is a really cool protocol we came across when we were hardening a license server. It provides a distributed mechanism for cryptographically verifiable time via chained requests. It’s not as precise as NTP (hence rough) but in practice it’s more than precise enough. It also has some nice additional properties: for example, NTP servers are often used as DDoS amplifiers, whereas Roughtime servers return a smaller payload than the request.

The ecosystem is currently very young. Each additional deployment meaningfully strengthens the ecosystem (ours is only the fifth server) and each additional implementation helps harden the spec (which is soon approaching 1.0).

We wrote a bit more about it in a separate article: https://blog.sturdystatistics.com/posts/roughtime/

Official protocol document: https://datatracker.ietf.org/doc/html/draft-ietf-ntp-roughti...
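The nonce-and-signature exchange and the "chained requests" described in this thread, as an added Go sketch that is not code from the post or from any Roughtime implementation. The message layout, the use of Ed25519 and truncated SHA-512, the 10-second tolerance, and the names `Reply`, `Answer`, `NextNonce`, `Audit` and `Demo` are assumptions made for illustration; keys and timestamps are constructed.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha512"
	"encoding/binary"
)

// Reply is a simplified stand-in for a signed response, not the Roughtime wire format.
type Reply struct {
	Nonce, Sig []byte
	Time       uint64 // server's claimed time, in seconds
}

// signed returns the bytes the signature covers: nonce || big-endian time.
func (r Reply) signed() []byte { return binary.BigEndian.AppendUint64(append([]byte{}, r.Nonce...), r.Time) }

// Answer is the server side: sign the client's nonce together with the timestamp.
func Answer(priv ed25519.PrivateKey, nonce []byte, t uint64) Reply {
	return Reply{nonce, ed25519.Sign(priv, Reply{Nonce: nonce, Time: t}.signed()), t}
}

// NextNonce chains requests: the next nonce commits to the whole previous reply.
func NextNonce(prev Reply, blind []byte) []byte {
	h := sha512.Sum512(append(append(prev.signed(), prev.Sig...), blind...))
	return h[:32]
}

// Audit returns the first reply that is badly signed, unchained, or over tol seconds behind its predecessor; else -1.
func Audit(pubs []ed25519.PublicKey, blinds [][]byte, chain []Reply, tol uint64) int {
	for i, r := range chain {
		linked := i == 0 || (bytes.Equal(r.Nonce, NextNonce(chain[i-1], blinds[i-1])) && r.Time+tol >= chain[i-1].Time)
		if !linked || !ed25519.Verify(pubs[i], r.signed(), r.Sig) {
			return i
		}
	}
	return -1
}

// Demo asks two constructed servers in sequence; skew is how far server B's clock runs behind.
func Demo(skew uint64) int {
	a, b := ed25519.NewKeyFromSeed(make([]byte, 32)), ed25519.NewKeyFromSeed(bytes.Repeat([]byte{1}, 32))
	blind := []byte("constructed blind")
	r0 := Answer(a, bytes.Repeat([]byte{7}, 32), 1700000000)
	r1 := Answer(b, NextNonce(r0, blind), 1700000001-skew)
	pubs := []ed25519.PublicKey{a.Public().(ed25519.PublicKey), b.Public().(ed25519.PublicKey)}
	return Audit(pubs, [][]byte{blind}, []Reply{r0, r1}, 10)
}
func main() { println(Demo(0), Demo(3600)) } // prints -1 1
```

Because the second nonce is a hash over the first signed reply, the second server's signature could only have been produced after the first reply existed, so a chain in which it claims a much earlier time is evidence anyone holding the public keys can check. The chain shows the two replies disagree; it does not by itself say which server is wrong.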