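% Network Time Security (NTS) for NTP, Internet-Draft revision -00 (2018-07-02).
% Citation caveats for security work:
%   * This is an expired-by-design "Work in Progress" document, not a standard.
%     The draft-dansarie- name prefix indicates an individual submission
%     rather than a working-group document.
%   * An RFC with the same title and author set was published later (RFC 8915).
%     Wire formats and security requirements may differ from this -00
%     revision, so confirm against the published RFC before relying on
%     protocol details for implementation or review.
%   * Per the abstract, the design covers only the client-server mode of NTP:
%     TLS is used for key establishment (NTS-KE), AEAD protects the NTP
%     extension fields, and server state is carried in opaque client-held cookies.
@techreport{dansarie-nts-00,
  author      = {Franke, Daniel Fox and Sibold, Dieter and Teichel, Kristof and Dansarie, Marcus and Sundblad, Ragnar},
  title       = {{Network Time Security} for the {Network Time Protocol}},
  type        = {Internet-Draft},
  number      = {draft-dansarie-nts-00},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2018,
  month       = jul,
  day         = 2,
  pagetotal   = 36,
  note        = {Work in Progress},
  url         = {https://datatracker.ietf.org/doc/draft-dansarie-nts/00/},
  abstract    = {This memo specifies Network Time Security (NTS), a mechanism
                 for using Transport Layer Security (TLS) and Authenticated
                 Encryption with Associated Data (AEAD) to provide
                 cryptographic security for the client-server mode of the
                 Network Time Protocol (NTP). NTS is structured as a suite of
                 two loosely coupled sub-protocols: the NTS Key Establishment
                 Protocol (NTS-KE) and the NTS Extension Fields for NTPv4.
                 NTS-KE handles NTS service authentication, initial
                 handshaking, and key extraction over TLS. Encryption and
                 authentication during NTP time synchronization is performed
                 through the NTS Extension Fields in otherwise standard NTP
                 packets. Except for during the initial NTS-KE process, all
                 state required by the protocol is held by the client in
                 opaque cookies.},
}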