On Fri, Jan 27, 2012 at 17:39, Maxim Kammerer <mk@???> wrote:
> When writing and testing that script, I noticed that the incoming
> valid-after is never more than an hour earlier from the current
> (correct) time, but at that point it was all kind of black magic, and
> I didn't know that (as you say) the reason is that the directory
> authorities agree on a new consensus each hour.
I think I now recalled the actual reason that stopped me from doing
more research on whether it is possible to rely on hourly new
consensus: fringe conditions. Say at 13:59 (correct time), Tor gets a
13:00-14:00-16:00 (valid-after, fresh-until, valid-until) consensus,
the computer's time is off, and tordate sets the time to 13:30. But
shortly after (maybe even before Tor has established a circuit — not
sure whether that matters), the directory authorities agree on a new
14:00-15:00-17:00 consensus, and 13:30 is now out of that window, so
Tor won't work (will it? The consensus is not yet valid — i.e.,
unverified), and htpdate will fail. With 14:30 estimate that problem
wouldn't have happened.
--
Maxim Kammerer
Liberté Linux (discussion / support:
http://dee.su/liberte-contribute)