
What is the maximum acceptable clock skew for a network-connected computer?

https://en.wikipedia.org/wiki/Clock_skew#on_a_network

100% 1 minute or less
0% About 5 minutes
0% About 10 minutes
0% 30 minutes or more

@evan your poll should include more options less than a minute. I'd personally be comfortable with 10s or so, but I'm pretty sure NTP has no problem keeping drift below 1s, so that should be the table stakes. The real question is how many folks expect drift in the tens of milliseconds.


@cscott @evan Fully agree - my knock-off Casio F-91W loses only a couple of seconds every day, so any drift greater than a second on a network-connected machine would be entering the 'defective' realm in my determination.

@evan If you're running an IRC server, less than a second. (IRC relies on timestamps for resolving nick/channel collisions when a server connects, so it's important for clocks to be synchronized.)

@evan the default clock skew allowed on the Kerberos authentication system is 5 minutes so I've always used that as my target.


@evan 10-15 years ago I might have said 1m, but today <1s is perfectly achievable, and expected in most cases.


@SecurityWriter @evan Yeah, I don't get why computer clocks would ever need to be off by more than a few seconds in a networked environment capable of connecting to time servers. Some larger networks will even host their own service in-house in order to keep the clocks of computers across their enterprise very tightly synced for log analysis reasons.


@Infoseepage @evan it’s also not unusual for secure environments to rotate their time by 10-20s to cause issues for unknown devices joining the network.

One of my clients has 4 sites 2000 miles from each other with NTP via satellite and they’re like half a second out across the board, and typically external NTP isn’t what you’d want in most cases.


Thanks to everyone. I'd say 1 minute or less.

I have been doing some evaluation of HTTP Signature implementations on the Fediverse, and I've seen tolerance of time differences in HTTP requests of 5 minutes, 30 minutes, or more than an hour.

I think some tolerance here is pretty low-risk, and the downside of rejecting activities based on clock skew is high, but I still find it funny. The SocialCG guideline is 1 hour + a few minutes:

https://swicg.github.io/activitypub-http-signature/#how-to-verify-a-signature
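
The time-window check discussed in the post above, as an added example that is not part of the thread or of any Fediverse implementation: it parses the `Date` header of a signed request and shows which of the tolerances mentioned (5 minutes, 30 minutes, and an assumed 65 minutes for "1 hour + a few minutes") would accept it. The function names, sample headers and fixed receiver clock are constructed, and signature verification itself (with `Date` among the signed headers) is assumed to happen elsewhere.

```python
from datetime import datetime, timedelta, timezone
from email.utils import format_datetime, parsedate_to_datetime

# Windows mentioned in the thread. 65 minutes is an assumed value standing in
# for "1 hour + a few minutes". A wider window tolerates worse clocks but also
# keeps a captured signed request acceptable for longer.
WINDOWS = {
    "5min": timedelta(minutes=5),
    "30min": timedelta(minutes=30),
    "1h+5min": timedelta(minutes=65),
}

def check_date(date_header, now, max_skew):
    """Return (accepted, reason) for the Date header of a signed request."""
    if not date_header:
        return False, "missing Date header"
    try:
        sent = parsedate_to_datetime(date_header)
    except (TypeError, ValueError):
        return False, "unparseable Date header"
    if sent.tzinfo is None:
        # A "-0000" zone parses as naive; treat it as UTC like any HTTP-date.
        sent = sent.replace(tzinfo=timezone.utc)
    skew = now - sent  # positive: header is in the past
    if abs(skew) > max_skew:
        direction = "past" if skew > timedelta(0) else "future"
        return False, f"{int(abs(skew).total_seconds())}s in the {direction}"
    return True, "within window"

def compare_windows(date_header, now):
    """Map each window name to whether this Date header would be accepted."""
    return {name: check_date(date_header, now, w)[0] for name, w in WINDOWS.items()}

# Constructed sample data: a fixed receiver clock and sender Date headers.
NOW = datetime(2024, 3, 5, 12, 0, 0, tzinfo=timezone.utc)
SAMPLES = {
    "sender 90s slow": format_datetime(NOW - timedelta(seconds=90), usegmt=True),
    "sender 12min fast": format_datetime(NOW + timedelta(minutes=12), usegmt=True),
    "delivery delayed 45min": format_datetime(NOW - timedelta(minutes=45), usegmt=True),
    "3h old": format_datetime(NOW - timedelta(hours=3), usegmt=True),
    "malformed": "yesterday-ish",
}

if __name__ == "__main__":
    for label, header in SAMPLES.items():
        print(f"{label:24} {header!r:36} {compare_windows(header, NOW)}")
```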


@evan As I said, it depends. If whatever your internet connected computer is doing doesn't rely on accurate time, it's not an issue.
