
Security

2026


ntpd-rs: it's about time!

·1084 words·6 mins

Ubuntu is transitioning to the Rust-based ntpd-rs as its default time synchronization utility, replacing chrony, linuxptp, and gpsd to deliver a unified, memory-safe solution for NTP, NTS, and PTP.

This move, in partnership with the Trifecta Tech Foundation, strengthens Ubuntu’s resilience goals, with full adoption planned across the Ubuntu 26.10 and 27.04 releases.

An update on upki

·1521 words·8 mins

This post provides an update on the Canonical-supported upki project, which brings browser-grade Public Key Infrastructure to Linux through the efficient CRLite data format, with the core revocation engine now functional and available to test.

Beyond current progress, this post explores broader integration, performance, and future capabilities like Certificate Transparency enforcement and Merkle Tree Certificates.

Developing with AI on Ubuntu

·1897 words·9 mins

AI-assisted tooling is becoming more and more common in the workflows of engineers at all experience levels. As I see it, our challenge is one of consideration, enablement and constraint.

We must enable those who opt in to safely and responsibly harness the power of these tools, while respecting those who do not wish to have their platform defined or overwhelmed by this class of software.

2025


Addressing Linux's Missing PKI Infrastructure

·1274 words·6 mins
Announcing work on upki, a universal tool for Linux and other Unix-like operating systems for handling X.509 certificate revocation lists in system utilities.

2024


Secure Boot & TPM-backed Full Disk Encryption on NixOS

·2887 words·14 mins
An explanation of how to enable secure boot on NixOS, using a community project named ‘Lanzaboote’, and further how to automatically unlock a LUKS-encrypted disk using a TPM with systemd-cryptenroll.

2020


Zero-Trust SSH on Microsoft Azure

·1580 words·8 mins
(Repost) Building a zero-trust, serverless authentication system for SSH on Microsoft Azure, complete with custom ssh-agent and serverless certificate authority.