Hi,

proper@??? wrote (06 Jun 2012 01:15:55 GMT) :
> Why doesn't Tails use tlsdate, made by Jacob Appelbaum? [1] [2]
> Wouldn't it be a good replacement for htp?

Because it's not clear at all where, and how it could fit into,
replace or improve the current time sync' system we already have:
https://tails.boum.org/contribute/design/Time_syncing/

I had difficulties communicating on this topic with Jacob on IRC, so
I told him I will have a serious look once he makes this point clear.

tlsdate could be a good replacement for HTP once it has the features
we need (e.g. our three-pools design) -- OTOH, another option could
be to keep our existing htpdate wrapper (that implements the clever
bits), and merely replace wget + header parsing in there with tlsdate.
In this context, tlsdate communication would go through Tor.

However, it *seems* to me Jacob was suggesting that we run tlsdate in
the clear, that is without going through Tor; hence the question
I raised about the network fingerprint of this tool, unanswered as of
today (see <85sjgwz3kw.fsf@???> on tor-talk). I'm worried running
tlsdate in the clear would get us back to the "Tails leaves a clear
bootstrap network fingerprint" old days we have managed to escape with
our current time sync' system.