[Tails-dev] tordate: why is it safe to set time from unverif…

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: Maxim Kammerer
CC: The Tails public development discussion list
Alte Treads: Re: [Tails-dev] Please review and test feature/tordate
Betreff: [Tails-dev] tordate: why is it safe to set time from unverified-consensus?
Hi Maxim,

Early October, we were pondering setting the Tails system time from
unverified-consensus in case cached-consensus is not present; long
story short, we refrained to do so in a hurry at pre-release time;
eventually, we did not take the time yet to investigate how safe it
would be to do so, and why.

On October 9th, a commit of yours (58cc2dd) in Liberté Linux Git
repository made the very move we were unsure of. So I guess this
approach seemed safe enough to your eyes. May we know why?

In other words, what kind of malicious party is able to feed such
a consensus to the Tor client running in Liberté Linux (or Tails) at
this point, in a way that this Tor client saves it to
unverified-consensus?

Regards,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| If you must label the absolute, use it's proper name: Temporary.