Re: [ntp:questions] This is project have any SLA and does it meets th PCI and DSS compliance

2018-08-06 Thread David Woolley 

On 12/05/18 18:55, bhuvaneshwara...@powerupcloud.com wrote:

We are going to use these pool servers for our production env, so we need to 
know that you have any SLA for uptime and does this project meets the PCI and 
DSS compliance?


There is no service level agreement.  If you want a service level 
agreement, you will need to use a commercial source, although, 
ultimately commercial sources are likely to depend on satellite 
navigation systems that are unlikely to have service level agreements 
with anyone, except, possibly, their own military.


Do you mean PCI DSS, rather than both PCI and DSS?  I.e. Payment Card 
Industry Data Security Standard?  Nowhere is payment card data requested 
or stored. There is no-one to pay for any certification that that is the 
case.


___
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions

Re: [ntp:questions] This is project have any SLA and does it meets th PCI and DSS compliance

2018-08-06 Thread William Unruh 
On 2018-05-12, bhuvaneshwara...@powerupcloud.com 
 wrote:
> Hello,
>
> We are going to use these pool servers for our production env, so we need to 
> know that you have any SLA for uptime and does this project meets the PCI and 
> DSS compliance? 
>

No idea what you are asking, but pool.ntp.org is a huge bunch of volunteers
who provice their own ntp servers for the use of others. It meets no
compliance standards, and the uptime of volunteers is random, and certainly
not tracked. Note also that the quality of time served by random members of
pool.ntp.org is highly variable-- from tens of microseconds to hundreds of
milliseconds.

If you want to make sure that you have reliable service, set up your own set
ofservers, fed for example from a GPS-PPS source. If you are an organization
then you should also set up your own pool powerupcloud.pool.ntp.org.
for your clients to use, rather than making use of those volunteers. 

ntp is a time source, not a secure environment. 

So I think that the answer to your question is NO. And also that you are
confused about  what ntp is. 

___
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions