
What about the constraints idea from OpenNTPD? i.e., use timestamps from trusted HTTPS servers. (http://www.undeadly.org/cgi?action=article&sid=2015021010365...)


HTTPS servers will no longer offer timestamps from TLS 1.3 onwards since that feature is being deprecated due to performance reasons.

Any such clients have to fall back to TLS 1.2.

A TLS 1.0 to 1.2 based time sync client called 'tlsdate' already exists.


openntpd uses the HTTP Date: header, not the faux timestamp in the TLS handshake.


openntpd is a nice hacky workaround, but not a clean solution. However, they hindered adoption by requiring libressl to build this feature.

But roughtime does much more than openntpd: It lets you get the time from multiple servers and gives you cryptographic proof in case one of them tries to lie to you. That's a much tougher security guarantee.


The problem is what to do when your adversary selectively delays timestamp-related packets, skewing your time.


Note that this isn't exactly a problem in Google's case. They want to fix cases where a wrong clock can invalidate certificates, so even a skew of a few minutes wouldn't be a problem (in Roughtime specifically, they allow a 10 second delay as far as I understand).
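The two points raised above, that chained queries to several servers yield a signed proof when one of them lies, and that an adversary who merely delays packets can only widen the client's uncertainty rather than move its clock, can be shown in a small simulation. The following Go program is an added example written for this thread; it is not Roughtime's code or wire format and does not talk to any real server. Every server, key, skew, radius and round-trip value in it is constructed: each simulated server signs (nonce, midpoint, radius) with Ed25519, the client derives the next nonce from the previous signed reply, and the reply intervals are intersected to see whether the servers agree.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha512"
	"encoding/binary"
	"fmt"
)

// Response is a constructed stand-in for a Roughtime reply: the server signs
// (nonce || midpoint || radius), so the reply is bound to this exact query and
// can be shown to a third party as evidence of what the server claimed.
type Response struct {
	Nonce    [32]byte
	Midpoint int64 // server's clock in seconds (constructed units)
	Radius   int64 // server's own claimed uncertainty in seconds
	Sig      []byte
	Pub      ed25519.PublicKey
}

// Server models one time server; Skew is how far its answers are from true time.
type Server struct {
	Name   string
	priv   ed25519.PrivateKey
	Pub    ed25519.PublicKey
	Skew   int64
	Radius int64
}

func NewServer(name string, skew, radius int64) *Server {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Server{Name: name, priv: priv, Pub: pub, Skew: skew, Radius: radius}
}

// signedBytes is the fixed-layout message each server signs.
func signedBytes(nonce [32]byte, mid, radius int64) []byte {
	buf := make([]byte, 48)
	copy(buf, nonce[:])
	binary.LittleEndian.PutUint64(buf[32:], uint64(mid))
	binary.LittleEndian.PutUint64(buf[40:], uint64(radius))
	return buf
}

// Respond answers a query as this server would at true time trueNow.
func (s *Server) Respond(nonce [32]byte, trueNow int64) Response {
	mid := trueNow + s.Skew
	sig := ed25519.Sign(s.priv, signedBytes(nonce, mid, s.Radius))
	return Response{Nonce: nonce, Midpoint: mid, Radius: s.Radius, Sig: sig, Pub: s.Pub}
}

// ChainNonce derives the next nonce from the previous signed reply plus a fresh
// blind, so each server's signature also commits to its predecessor's answer.
func ChainNonce(prev *Response, blind [32]byte) [32]byte {
	h := sha512.New()
	if prev != nil {
		h.Write(signedBytes(prev.Nonce, prev.Midpoint, prev.Radius))
		h.Write(prev.Sig)
	}
	h.Write(blind[:])
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

// Verify checks one reply against the server's public key.
func Verify(r Response) bool {
	return ed25519.Verify(r.Pub, signedBytes(r.Nonce, r.Midpoint, r.Radius), r.Sig)
}

// Interval is the range of true time a reply vouches for after the measured
// round trip is added: delaying the packet widens Hi, it cannot move Lo.
type Interval struct{ Lo, Hi int64 }

func IntervalFor(r Response, rtt int64) Interval {
	return Interval{r.Midpoint - r.Radius, r.Midpoint + r.Radius + rtt}
}

// Intersect overlaps all intervals; ok is false when the overlap is empty, and
// then the signed replies themselves prove that at least one server lied.
func Intersect(ivs []Interval) (Interval, bool) {
	out := ivs[0]
	for _, iv := range ivs[1:] {
		if iv.Lo > out.Lo {
			out.Lo = iv.Lo
		}
		if iv.Hi < out.Hi {
			out.Hi = iv.Hi
		}
	}
	return out, out.Lo <= out.Hi
}

// Outliers returns indices of servers that disagree with a majority of the others.
func Outliers(ivs []Interval) []int {
	var bad []int
	for i, a := range ivs {
		conflicts := 0
		for j, b := range ivs {
			if i != j && (a.Hi < b.Lo || b.Hi < a.Lo) {
				conflicts++
			}
		}
		if conflicts*2 > len(ivs)-1 {
			bad = append(bad, i)
		}
	}
	return bad
}

// QueryChain queries the servers in order with chained nonces, verifies each
// reply, and returns the replies and the intervals they vouch for.
func QueryChain(servers []*Server, trueNow int64, rtts []int64) ([]Response, []Interval, error) {
	var prev *Response
	var resps []Response
	var ivs []Interval
	for i, s := range servers {
		var blind [32]byte
		if _, err := rand.Read(blind[:]); err != nil {
			return nil, nil, err
		}
		nonce := ChainNonce(prev, blind)
		r := s.Respond(nonce, trueNow)
		if r.Nonce != nonce || !Verify(r) {
			return nil, nil, fmt.Errorf("%s: bad nonce or signature", s.Name)
		}
		resps = append(resps, r)
		ivs = append(ivs, IntervalFor(r, rtts[i]))
		prev = &resps[len(resps)-1]
	}
	return resps, ivs, nil
}

func main() {
	// Constructed fleet: two honest servers and one that lies by ten minutes,
	// enough to push a client outside a certificate's validity window.
	servers := []*Server{NewServer("honest-a", 0, 1), NewServer("honest-b", 2, 5), NewServer("liar", 600, 1)}
	_, ivs, err := QueryChain(servers, 1000000, []int64{1, 1, 8}) // constructed round trips
	if err != nil {
		panic(err)
	}
	if _, ok := Intersect(ivs); !ok {
		for _, i := range Outliers(ivs) {
			fmt.Printf("%s disagrees with the others: %+v\n", servers[i].Name, ivs[i])
		}
	}
}
```

The delayed third round trip (8 s instead of 1 s) only stretches that server's interval upward; it is the 600 s skew that makes the interval fail to overlap the honest ones, and the two honest replies still intersect on a 3 s window. Because every reply carries a signature over the client's nonce, the disagreeing reply can be handed to anyone as evidence without trusting the client's own clock.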



