Hello, I am one of the authors of the NTS for NTP specification, <https://datatracker.ietf.org/doc/draft-ietf-ntp-using-nts-for-ntp/>. Steven described this well, and as he wrote, the first step in the NTS procedure is to contact a Key Establishment (KE) server, the KE server will point to the NTP server and port to use, also taking into consideration what the client requested, if it did. The NTP packets will be larger than what they are today, since they contain one or sometimes more than one “cookies” or “cookie placeholders” (a measure to make amplification impossible). Today, some points in the internet still filter port 123 on size. If this continues, NTS enabled NTP server owners will likely not run the corresponding NTP server on port 123, since there is no need to, they can run it on an arbitrary port. There seems to be no willingness from the ISP community to try to clean up the old NTP traffic amplifiers that are still out there. Is this really what the ISP community wants - to kill off port 123, and force NTP to move to random ports? Ragnar