Using Canada NTP pool for possible commercial product



We are currently a small organisation working on a new IoT product which runs bare metal. We require NTP services.
Is there any legal action against using the pool.
Our product on initial release will be about ~500.



As a minimum you need to apply for a vendor zone.

You can read more about it here:



We are using the AWS IoT service only and we know amazon has a registered NTP pool could we use those without any problems?


I don’t think so. As I read the rules you need your own zone.


I don’t know about your IoT product, but many such IoT products are never updated after they have been deployed, and fixing bugs in those might be problematic. If it turns out that your NTP implementation has a bug (for example if it starts sending requests endlessly when it encounters a leap second), having a vendor zone would help in controlling the damage. I would heartily recommend getting a vendor zone.

If this is not an option for you, you could always run your own NTP servers and point the devices to those.

Theoretically you could also use the NTP servers specified by the clients’ ISP but unfortunately very few ISPs provide that information. One can hope that this will change some day.


The product will support OTA. Using a propriety boot loader. Thus we can
always update the firmware.


It doesnt really change anything. Apply for a vendor zone (seems pretty simple) and read all the recommendations about how often your product should ask for time (so we do not have a situation like the one TPLink caused rescently).