Time synchronization issues
Adam Shostack
adam at homeport.org
Tue Nov 4 23:38:43 UTC 2003
On Tue, Nov 04, 2003 at 12:47:17PM -0500, Joel N. Weber II wrote:
| So, if you're trying to design a system that's secure, the real issue
| to worry about is whether there are circumstances where an attacker
| can manipulate clocks to be able to use a certificate that's invalid.
|
| If you're really relying on the clocks being accurate, then you need
| to have documentation that says to people running onion routing
| software, ``don't configure your computer to use rdate -s
| trusted-time-server.example.com every time it boots, for any protocol
| such as rdate which is not cryptographically authenticated.'' (This
I mostly agree, but want to say if it's essential for the security of
the system, the software needs to verify it. Nobody reads the
documentation.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
More information about the tor-dev
mailing list