I would say the biggest problem with NTP is that people keep reinventing this particular wheel (yes, I'm looking at you, Microsoft) and doing it badly. In that regard Susan Son's project, which is a fork of the NTP reference implementation, will probably be a major improvement.
Until ICEI and CACR got involved with NTP, it was supported by one person, part time, who had lost the root passwords to the machine where the source code was maintained (so that machine hadn't received security updates in many years), and that machine ran a proprietary source-control system that almost no one had access to, so it was very hard to contribute to it.
The "proprietary source-control system" mentioned would be BitKeeper, so not exactly RCS ifyouknowwhatImsayin. Moving code in and out of BitKeeper is pretty simple and well understood, it's what Linus Torvalds used for the Linux kernel until Tridge pissed off Larry McVoy.
NTP was designed and implemented by David Mills, who also invented the fuzzballs as well as the family of exterior gateway protocols that has since grown into BGP, the most important global routing protocol of the Internet. It's not a big stretch to say he made the modern Internet possible, and he's still kind of the Big Kahuna of network time synchronization, despite his age and fading eyesight.
I'm pretty certain Dr. Mills has never been formally responsible for security patching the University of Delaware's servers, although I suppose I could be wrong. I wouldn't expect him to have root access since his partial retirement in 2009, anyway, so somebody else would be responsible for patching today.
I run the reference implementation, patched to the 2016-11-21 release. I haven't seen any pressing reason to move to NTPsec.
Chrony's fine for laptops, I suppose, if you want more accuracy than OpenNTPd. As you've noted, most people don't need a datacenter grade time server, they just want a reasonably efficient NTP client running in the background.