Hi Maxim,
Early October, we were pondering setting the Tails system time from
unverified-consensus in case cached-consensus is not present; long
story short, we refrained to do so in a hurry at pre-release time;
eventually, we did not take the time yet to investigate how safe it
would be to do so, and why.
On October 9th, a commit of yours (58cc2dd) in Liberté Linux Git
repository made the very move we were unsure of. So I guess this
approach seemed safe enough to your eyes. May we know why?
In other words, what kind of malicious party is able to feed such
a consensus to the Tor client running in Liberté Linux (or Tails) at
this point, in a way that this Tor client saves it to
unverified-consensus?
Regards,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| If you must label the absolute, use it's proper name: Temporary.
