Network Time Security (NTS)

NTS adds TLS-based authentication to NTP, preventing man-in-the-middle and time-spoofing attacks (RFC 8915).

• NTS-KE (Key Establishment) on port 4460
• Authenticated NTPv4 on port 123
• Post-quantum ready when PQ-TLS ships

In the meantime, use standard NTP:
time.yakmesh.dev