The SignServer TimeMonitor should be configured (by the user) to use a local NTP server of the user's control. This is important as the TimeMonitor can be configured to query the NTP server more often than what is allowed by the RFCs.
However, if configured against one of the public NTP servers they could respond with a special packet called "kiss-of-death" to indicate that they are not happy with the rate of the queries. What should be done then is to lower the rate or seize querying.
Currently the TimeMonitor will most likely treat the response as an UNKNOWN status and try again.
Instead it would be better if the TimeMonitor recognized this situation and switched to disabled mode. To get started again it could require a configuration change.
For KISS codes of type "RATE" stop querying NTP and log a failure message. Querying should not be resumed until an administrator has taken an action such as making a configuration change.