[Tails-dev] Need hostnames suggestions for more resilient ht…

Supprimer ce message

Répondre à ce message
Auteur: intrigeri
Date:  
À: tails-dev
Sujet: [Tails-dev] Need hostnames suggestions for more resilient htpdate pools
Hi,

Ideas ([0] and [1]) about a more resilient htpdate were implemented in
feature/more_resilient_htpdate, debugged and tested.

The main thing left to do is to make our pools bigger, and this is why
I'm writing here.

For every pool (trusted, distrusted, neutral) we need more hostnames.
Suggestions are most welcome.

Each hostname must satisfy the following conditions:

  * serve https://
  * support TLSv1
  * use a SSL certificate that makes wget happy (beware of certificate
    name mismatches) in Debian stable
  * give out a Date: header
  * be stable and reliable


Here's how to test:

  $ wget --no-cache -e robots=off --secure-protocol TLSv1 \
         --spider --server-response https://$HOSTNAME


[0] https://tails.boum.org/todo/more_resilient_htpdate/
[1] https://tails.boum.org/todo/more_resilient_htpdate_pool/

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| Then we'll come from the shadows.