Sounds like he doesn't trust his NTP provider and doesn't want his IP address being sent to the NTP provider, because he wasnt to pretend his IP address is not online.

But he does trust cloudflare for his DNS requests.

Cloudflare run NTP, so just use their server.

The only threat I can see is if someone intercepts his NTP traffic, but they could intercept the DNS traffic too and see his SYNs (and indeed pass them on with you not even noticing)

His concern seems to be more about the IP leaking rather than the NTP result being incorrect, however in the latter case then yes, NTP isn't signed, so it's possible for someone to skew your clock by a few seconds if they were to intercept your traffic to all your NTP servers.