{
  "draft": "draft-ietf-ntp-port-randomization-08",
  "doc_id": "RFC9109",
  "title": "Network Time Protocol Version 4: Port Randomization",
  "authors": [
    "F. Gont",
    "G. Gont",
    "M. Lichvar"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "9",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "Network Time Protocols",
  "abstract": "The Network Time Protocol (NTP) can operate in several modes.  Some of these modes are based on the receipt of unsolicited packets and therefore require the use of a well-known port as the local port.  However, in the case of NTP modes where the use of a well-known port is not required, employing such a well-known port unnecessarily facilitates the ability of attackers to perform blind/off-path attacks.  This document formally updates RFC 5905, recommending the use of transport-protocol ephemeral port randomization for those modes where use of the NTP well-known port is not required.",
  "pub_date": "August 2021",
  "keywords": [
    "security",
    "transport protocols"
  ],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [
    "RFC5905"
  ],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC9109",
  "errata_url": null
}